← Back to PRs

#3973: fix: enhance npm package integrity checks and include critical files

by YeSuX open 2026-01-29 12:58 View on GitHub →
scripts
- Added `dist/entry.js` to the npm package to prevent global install failures. - Introduced a new `verify-package.js` script to verify the presence of critical files before publishing. - Updated the `prepack` script in `package.json` to include the verification step. Issue #3914 <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> This PR updates the npm package contents and publish flow by: - Adding `dist/entry.js` to the `files` allowlist so it’s included in the published tarball. - Adding a new `scripts/verify-package.js` step to the `prepack` script to fail fast if critical publish artifacts are missing. - Adding a small Vitest test that asserts `package.json` includes the new file and `prepack` runs verification. The intent aligns with prior packaging fixes in this repo (preventing `ERR_MODULE_NOT_FOUND` on install), but the verification step currently appears to require an artifact (`dist/entry.js`) that isn’t produced by the build in this repository, which could make `prepack`/packing fail until the build pipeline generates it. <h3>Confidence Score: 3/5</h3> - This PR is close to safe to merge, but may break the publish/pack flow if `dist/entry.js` is not actually generated. - The change is small and isolated, but `prepack` is now gated on a new verification script that asserts `dist/entry.js` exists; a repo-wide search did not find any `dist/**` source for that file, suggesting `prepack`/`pnpm pack` would fail unless another step creates it. - scripts/verify-package.js, package.json <!-- greptile_other_comments_section --> <sub>(2/5) Greptile learns from your feedback when you react with thumbs up/down!</sub> **Context used:** - Context from `dashboard` - CLAUDE.md ([source](https://app.greptile.com/review/custom-context?memory=fd949e91-5c3a-4ab5-90a1-cbe184fd6ce8)) - Context from `dashboard` - AGENTS.md ([source](https://app.greptile.com/review/custom-context?memory=0d0c8278-ef8e-4d6c-ab21-f5527e322f13)) <!-- /greptile_comment -->

Most Similar PRs