From 083d3adba448fdf4664914a899d0b8dffa786753 Mon Sep 17 00:00:00 2001
From: Oluwaseun Ismaila <Oluwaseun.ismaila@tether.io>
Date: Mon, 9 Feb 2026 04:42:11 -0600
Subject: [PATCH 1/2] update workflow

---
 .../publish-qvac-lib-registry-server.yml      | 115 ++++++++++++++++--
 .github/workflows/publish-qvac-sdk.yml        |   1 -
 2 files changed, 103 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/publish-qvac-lib-registry-server.yml b/.github/workflows/publish-qvac-lib-registry-server.yml
index 97805188a1..cf0f05c5d5 100644
--- a/.github/workflows/publish-qvac-lib-registry-server.yml
+++ b/.github/workflows/publish-qvac-lib-registry-server.yml
@@ -1,6 +1,10 @@
 name: Publish (Qvac-lib-registry-server)
 
 on:
+  pull_request:
+   paths:
+      - "packages/qvac-lib-registry-server/shared/**"
+      - "packages/qvac-lib-registry-server/client/**"
   push:
     branches:
       - main
@@ -27,9 +31,9 @@ jobs:
     secrets:
       github-token: ${{ secrets.GITHUB_TOKEN }}
     with:
-      package-slug: qvac-lib-dl-base
-      package-json-path: packages/qvac-lib-dl-base/package.json
-      changelog-path: packages/qvac-lib-dl-base/CHANGELOG.md
+      package-slug: qvac-lib-registry-server
+      package-json-path: packages/qvac-lib-registry-server/package.json
+      changelog-path: packages/qvac-lib-registry-server/CHANGELOG.md
 
   detect-changes:
     runs-on: ubuntu-latest
@@ -77,7 +81,10 @@ jobs:
   publish-logic:
     runs-on: ubuntu-latest
     outputs:
-      publish_gpr: ${{ steps.logic.outputs.publish_gpr }}
+      publish_main: ${{ steps.logic.outputs.publish_main }}
+      publish_release: ${{ steps.logic.outputs.publish_release }}
+      publish_feature: ${{ steps.logic.outputs.publish_feature }}
+      publish_tmp: ${{ steps.logic.outputs.publish_tmp }}
       gpr_tag: ${{ steps.logic.outputs.gpr_tag }}
     steps:
       - id: logic
@@ -87,10 +94,20 @@ jobs:
           ref_name="${GITHUB_REF_NAME}"
           event_name="${GITHUB_EVENT_NAME}"
 
-          publish_gpr="false"
+          publish_main="false"
+          publish_release="false"
+          publish_feature="false"
+          publish_tmp="false"
+
           if [ "$event_name" = "push" ] || [ "$event_name" = "workflow_dispatch" ]; then
-            if [ "$ref_name" = "main" ] || [[ "$ref_name" == feature-* ]] || [[ "$ref_name" == tmp-* ]]; then
-              publish_gpr="true"
+            if [ "$ref_name" = "main" ]; then
+              publish_main="true"
+            elif [[ "$ref_name" == release-* ]]; then
+              publish_release="true"
+            elif [[ "$ref_name" == feature-* ]]; then
+              publish_feature="true"
+            elif [[ "$ref_name" == tmp-* ]]; then
+              publish_tmp="true"
             fi
           fi
 
@@ -101,12 +118,18 @@ jobs:
             gpr_tag="$ref_name"
           fi
 
-          echo "publish_gpr=$publish_gpr" >> "$GITHUB_OUTPUT"
+          echo "publish_main=$publish_main" >> "$GITHUB_OUTPUT"
+          echo "publish_release=$publish_release" >> "$GITHUB_OUTPUT"
+          echo "publish_feature=$publish_feature" >> "$GITHUB_OUTPUT"
+          echo "publish_tmp=$publish_tmp" >> "$GITHUB_OUTPUT"
           echo "gpr_tag=$gpr_tag" >> "$GITHUB_OUTPUT"
 
-  publish-schema:
+  publish-schema-gpr:
     needs: [detect-changes, publish-logic]
-    if: needs.detect-changes.outputs.schema_changed == 'true' && needs.publish-logic.outputs.publish_gpr == 'true'
+    if:   needs.detect-changes.outputs.schema_changed == 'true' &&
+          (needs.publish-logic.outputs.publish_feature == 'true' ||
+          needs.publish-logic.outputs.publish_main == 'true' ||
+          needs.publish-logic.outputs.publish_tmp == 'true')
     runs-on: ubuntu-latest
     permissions:
       contents: write
@@ -131,6 +154,35 @@ jobs:
           tag: ${{ needs.publish-logic.outputs.gpr_tag }}
           name-suffix: ${{ env.NAME_SUFFIX }}
 
+  publish-schema-npm:
+    needs: [detect-changes, publish-logic]
+    if: needs.detect-changes.outputs.schema_changed == 'true' && needs.publish-logic.outputs.publish_release == 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.PAT_TOKEN }}
+
+      - name: Configure npm for GitHub Package Registry
+        shell: bash
+        working-directory: ${{ env.PKG_DIR }}
+        run: |
+          echo "@tetherto:registry=https://npm.pkg.github.com" >> ~/.npmrc
+          echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" >> ~/.npmrc
+
+      - name: Publish to NPM Package Registry
+        id: publish
+        uses: tetherto/qvac-devops/.github/actions/publish-library-to-npm@monorepo_update
+        with:
+          secret-token: ${{ secrets.NPM_TOKEN }}
+          tag: "latest"
+          git-token: ${{ secrets.PAT_TOKEN }}
+          create-tag: "true"
+          workdir:  ${{ env.PKG_DIR }}/shared
+
   lint-and-test:
     needs: detect-changes
     if: needs.detect-changes.outputs.client_changed == 'true'
@@ -183,14 +235,16 @@ jobs:
         shell: bash
         run: npm run typecheck
 
-  publish-client:
+  publish-client-gpr:
     needs: [detect-changes, publish-logic, publish-schema, lint-and-test]
     if: |
       needs.detect-changes.outputs.client_changed == 'true' &&
       always() &&
       (needs.publish-schema.result == 'success' || needs.publish-schema.result == 'skipped') &&
       needs.lint-and-test.result == 'success' &&
-      needs.publish-logic.outputs.publish_gpr == 'true'
+      (needs.publish-logic.outputs.publish_feature == 'true' ||
+      needs.publish-logic.outputs.publish_main == 'true' ||
+      needs.publish-logic.outputs.publish_tmp == 'true')
     runs-on: ubuntu-latest
     permissions:
       contents: write
@@ -216,3 +270,40 @@ jobs:
           workdir: ${{ env.PKG_DIR }}/client
           tag: ${{ needs.publish-logic.outputs.gpr_tag }}
           name-suffix: ${{ env.NAME_SUFFIX }}
+
+
+  publish-client-npm:
+    needs: [detect-changes, publish-logic, publish-schema, lint-and-test]
+    if: |
+      needs.detect-changes.outputs.client_changed == 'true' &&
+      always() &&
+      (needs.publish-schema.result == 'success' || needs.publish-schema.result == 'skipped') &&
+      needs.lint-and-test.result == 'success' &&
+      needs.publish-logic.outputs.publish_release == 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.PAT_TOKEN }}
+
+      - name: Configure npm for package registries
+        shell: bash
+        working-directory: ${{ env.PKG_DIR }}
+        run: |
+          echo "@tetherto:registry=https://npm.pkg.github.com" >> ~/.npmrc
+          echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" >> ~/.npmrc
+          echo "@qvac:registry=https://registry.npmjs.org" >> ~/.npmrc
+          echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" >> ~/.npmrc
+
+      - name: Publish to NPM Package Registry
+        id: publish
+        uses: tetherto/qvac-devops/.github/actions/publish-library-to-npm@monorepo_update
+        with:
+          secret-token: ${{ secrets.NPM_TOKEN }}
+          tag: "latest"
+          git-token: ${{ secrets.PAT_TOKEN }}
+          create-tag: "true"
+          workdir:  ${{ env.PKG_DIR }}/client
diff --git a/.github/workflows/publish-qvac-sdk.yml b/.github/workflows/publish-qvac-sdk.yml
index 39539e384b..c8c76a298a 100644
--- a/.github/workflows/publish-qvac-sdk.yml
+++ b/.github/workflows/publish-qvac-sdk.yml
@@ -341,4 +341,3 @@ jobs:
           git-token: ${{ secrets.PAT_TOKEN }}
           create-tag: "true"
           workdir: ${{ env.WORKDIR }}
-          name-suffix: "-mono"

From ad4f678c956f66ac06a84a20e3c392857e4d993d Mon Sep 17 00:00:00 2001
From: Oluwaseun Ismaila <Oluwaseun.ismaila@tether.io>
Date: Mon, 9 Feb 2026 04:49:26 -0600
Subject: [PATCH 2/2] update workflow to fix detect changes step

---
 .../publish-qvac-lib-registry-server.yml      | 63 ++++++++++++-------
 1 file changed, 42 insertions(+), 21 deletions(-)

diff --git a/.github/workflows/publish-qvac-lib-registry-server.yml b/.github/workflows/publish-qvac-lib-registry-server.yml
index cf0f05c5d5..b7af745cc9 100644
--- a/.github/workflows/publish-qvac-lib-registry-server.yml
+++ b/.github/workflows/publish-qvac-lib-registry-server.yml
@@ -2,7 +2,7 @@ name: Publish (Qvac-lib-registry-server)
 
 on:
   pull_request:
-   paths:
+    paths:
       - "packages/qvac-lib-registry-server/shared/**"
       - "packages/qvac-lib-registry-server/client/**"
   push:
@@ -51,19 +51,29 @@ jobs:
         run: |
           set -euo pipefail
 
-          BEFORE_SHA="${{ github.event.before }}"
-          AFTER_SHA="${{ github.sha }}"
+          PKG_DIR="${PKG_DIR}"
+          EVENT="${GITHUB_EVENT_NAME}"
 
-          # workflow_dispatch has no "before". Also guard against the all-zero SHA.
-          if [[ -z "${BEFORE_SHA}" || "${BEFORE_SHA}" == "0000000000000000000000000000000000000000" ]]; then
-            BEFORE_SHA="$(git rev-parse "${AFTER_SHA}^" 2>/dev/null || true)"
-          fi
+          if [[ "${EVENT}" == "pull_request" ]]; then
+            # PR diff: base..head
+            BEFORE_SHA="${{ github.event.pull_request.base.sha }}"
+            AFTER_SHA="${{ github.event.pull_request.head.sha }}"
+          else
+            # push/workflow_dispatch diff: before..sha
+            BEFORE_SHA="${{ github.event.before }}"
+            AFTER_SHA="${{ github.sha }}"
 
-          # If we still couldn't resolve BEFORE_SHA (rare), treat as changed to allow manual runs.
-          if [[ -z "${BEFORE_SHA}" ]]; then
-            echo "schema=true" >> "$GITHUB_OUTPUT"
-            echo "client=true" >> "$GITHUB_OUTPUT"
-            exit 0
+            # workflow_dispatch has no "before". Also guard against the all-zero SHA.
+            if [[ -z "${BEFORE_SHA}" || "${BEFORE_SHA}" == "0000000000000000000000000000000000000000" ]]; then
+              BEFORE_SHA="$(git rev-parse "${AFTER_SHA}^" 2>/dev/null || true)"
+            fi
+
+            # If we still couldn't resolve BEFORE_SHA (rare), treat as changed to allow manual runs.
+            if [[ -z "${BEFORE_SHA}" ]]; then
+              echo "schema=true" >> "$GITHUB_OUTPUT"
+              echo "client=true" >> "$GITHUB_OUTPUT"
+              exit 0
+            fi
           fi
 
           if git diff --name-only "$BEFORE_SHA" "$AFTER_SHA" -- "${PKG_DIR}/shared/" | grep -q .; then
@@ -126,10 +136,11 @@ jobs:
 
   publish-schema-gpr:
     needs: [detect-changes, publish-logic]
-    if:   needs.detect-changes.outputs.schema_changed == 'true' &&
-          (needs.publish-logic.outputs.publish_feature == 'true' ||
-          needs.publish-logic.outputs.publish_main == 'true' ||
-          needs.publish-logic.outputs.publish_tmp == 'true')
+    if: |
+      needs.detect-changes.outputs.schema_changed == 'true' &&
+      (needs.publish-logic.outputs.publish_feature == 'true' ||
+       needs.publish-logic.outputs.publish_main == 'true' ||
+       needs.publish-logic.outputs.publish_tmp == 'true')
     runs-on: ubuntu-latest
     permissions:
       contents: write
@@ -181,7 +192,18 @@ jobs:
           tag: "latest"
           git-token: ${{ secrets.PAT_TOKEN }}
           create-tag: "true"
-          workdir:  ${{ env.PKG_DIR }}/shared
+          workdir: ${{ env.PKG_DIR }}/shared
+
+  publish-schema:
+    name: Publish Schema (meta)
+    needs: [publish-schema-gpr, publish-schema-npm]
+    if: |
+      always() &&
+      (needs.publish-schema-gpr.result == 'success' || needs.publish-schema-gpr.result == 'skipped') &&
+      (needs.publish-schema-npm.result == 'success' || needs.publish-schema-npm.result == 'skipped')
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo "Schema publish completed or skipped."
 
   lint-and-test:
     needs: detect-changes
@@ -243,8 +265,8 @@ jobs:
       (needs.publish-schema.result == 'success' || needs.publish-schema.result == 'skipped') &&
       needs.lint-and-test.result == 'success' &&
       (needs.publish-logic.outputs.publish_feature == 'true' ||
-      needs.publish-logic.outputs.publish_main == 'true' ||
-      needs.publish-logic.outputs.publish_tmp == 'true')
+       needs.publish-logic.outputs.publish_main == 'true' ||
+       needs.publish-logic.outputs.publish_tmp == 'true')
     runs-on: ubuntu-latest
     permissions:
       contents: write
@@ -271,7 +293,6 @@ jobs:
           tag: ${{ needs.publish-logic.outputs.gpr_tag }}
           name-suffix: ${{ env.NAME_SUFFIX }}
 
-
   publish-client-npm:
     needs: [detect-changes, publish-logic, publish-schema, lint-and-test]
     if: |
@@ -306,4 +327,4 @@ jobs:
           tag: "latest"
           git-token: ${{ secrets.PAT_TOKEN }}
           create-tag: "true"
-          workdir:  ${{ env.PKG_DIR }}/client
+          workdir: ${{ env.PKG_DIR }}/client