Skip to content

feat: support Node.js content in the gallery release pipeline#423

Merged
amylin1249 merged 6 commits into
mainfrom
373-nodejs-pipeline
Jul 9, 2026
Merged

feat: support Node.js content in the gallery release pipeline#423
amylin1249 merged 6 commits into
mainfrom
373-nodejs-pipeline

Conversation

@amylin1249

@amylin1249 amylin1249 commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Fixes #373: Makes the release/CI pipeline understand Node.js content

Changes (review commit by commit)

  • extension-list.ts: derive requiredEnvironment.nodejs from engines.node in the extension's package.json (Connect's single source of truth; it doesn't read a nodejs field from the manifest).
  • lint: require engines.node for nodejs app-mode extensions.
  • integration test action: install a Node runtime into the running Connect container for nodejs extensions (the published Connect images ship no Node), enable it, and restart so Connect loads it.
  • CONTRIBUTING: document the engines.node convention and the minimumConnectVersion >= 2026.06.0 rule.

Validation

This PR is infra-only: no Node.js example ships here (in-development examples live in connect-staging-extensions; the real one is the Express app, #374). So the Node provisioning is validated externally:

  1. In CI (this repo): on a probe branch, a hello-world Node extension deployed successfully on preview, release, and 2026.06.0:
    https://github.com/posit-dev/connect-extensions/actions/runs/28797948148
  2. End-to-end in staging: connect-staging-extensions#36 adopts this exact harness with a real Node.js hello-world. Its CI is green, and the example was deployed to dogfood, where it runs ({"message":"Hello from Node.js on Posit Connect!"}) and Connect recognizes it as Node.js content (Node.js logo). Confirms the approach works on a live Node-enabled Connect, not just in CI.

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Extension release summary

😴 Changed but won't release

The following extensions have code changes but the manifest version hasn't been incremented:

  • package-vulnerability-scanner: manifest version 3.0.6 ≤ released version 3.0.6
  • publisher-command-center: manifest version 0.0.8 ≤ released version 0.0.8
  • runtime-version-scanner: manifest version 1.0.5 ≤ released version 1.0.5
  • usage-metrics-dashboard: manifest version 1.0.15 ≤ released version 1.0.15

If you intended to release these changes, update the version field in each extension's manifest.json.

See the contributing guide for details.

@amylin1249 amylin1249 changed the title feat: support Node.js content in the gallery release pipeline" feat: support Node.js content in the gallery release pipeline Jul 6, 2026
@amylin1249 amylin1249 marked this pull request as ready for review July 6, 2026 19:23
@amylin1249 amylin1249 requested review from dotNomad and karawoo July 6, 2026 19:23

@karawoo karawoo left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think there's an inconsistency here between how the linting step and the extension-list.ts handle it if engines.node is missing. Linting fails, but the extension-list.ts code doesn't -- I think we should be consistent.

Comment thread scripts/extension-list.ts Outdated
Comment on lines +35 to +38
// Node.js content declares its required Node version in package.json's
// `engines.node`, which is the single source of truth Connect reads (it does not
// read a nodejs field from manifest.json). Returns undefined for non-Node
// extensions, which have no package.json.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some non-nodejs extensions can have a package.json (package-vulnerability-scanner does, for example) so I think we should combine this with a check for whether the manifest's appmode is "nodejs"

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in 4f375ea - it should now check for metadata.appmode == nodejs, so a non-nodejs extension that ships a package.json (like package-vulnerability-scanner) won't get a nodejs requirement pulled in here.

@amylin1249

Copy link
Copy Markdown
Contributor Author

I think there's an inconsistency here between how the linting step and the extension-list.ts handle it if engines.node is missing. Linting fails, but the extension-list.ts code doesn't -- I think we should be consistent.

Fixed in 4f375ea - extension-list.ts now errors on a nodejs extension missing engines.node, matching the lint check so the two are consistent.

@amylin1249 amylin1249 merged commit 404ef51 into main Jul 9, 2026
253 checks passed
@amylin1249 amylin1249 deleted the 373-nodejs-pipeline branch July 9, 2026 18:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Support Node.js content in the Gallery release pipeline

2 participants