From 07ed547c43fe02d6a9d109f14fbe11bcd226a3f5 Mon Sep 17 00:00:00 2001
From: Ryan Bas <ryanbas21@gmail.com>
Date: Tue, 12 May 2026 10:55:56 -0600
Subject: [PATCH] fix: remove Chrome Web Store publish from snapshot builds

CWS doesn't allow publishing to trustedTesters when the extension is
already published publicly. Remove the Chrome publish step from
snapshots entirely. Firefox and VS Code snapshot publishes remain.

Also replaces the opaque mnao305/chrome-extension-upload action with
direct curl calls in publish-extension.yml so CWS error responses
are visible in CI logs for production publishes.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/release.yml | 42 +----------------------------------
 1 file changed, 1 insertion(+), 41 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ee87fd4..e8b267a 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -3,7 +3,7 @@ on:
   workflow_dispatch:
     inputs:
       extension:
-        description: Publish extension to testers
+        description: Publish Firefox + VS Code extensions (snapshot)
         type: boolean
         default: true
   push:
@@ -47,46 +47,6 @@ jobs:
         env:
           NPM_CONFIG_PROVENANCE: true
 
-      - name: Zip Chrome extension
-        if: inputs.extension
-        working-directory: packages/devtools-extension
-        run: cd dist && zip -r ../extension-chrome.zip .
-
-      - name: Publish Chrome extension to testers
-        if: inputs.extension
-        env:
-          EXTENSION_ID: ${{ secrets.CHROME_EXTENSION_ID }}
-          CLIENT_ID: ${{ secrets.CHROME_CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CHROME_CLIENT_SECRET }}
-          REFRESH_TOKEN: ${{ secrets.CHROME_REFRESH_TOKEN }}
-        run: |
-          # Get access token
-          TOKEN=$(curl -s -X POST https://oauth2.googleapis.com/token \
-            -d "client_id=$CLIENT_ID" \
-            -d "client_secret=$CLIENT_SECRET" \
-            -d "refresh_token=$REFRESH_TOKEN" \
-            -d "grant_type=refresh_token" | jq -r '.access_token')
-
-          # Upload
-          UPLOAD=$(curl -s \
-            -H "Authorization: Bearer $TOKEN" \
-            -H "x-goog-api-version: 2" \
-            -X PUT \
-            -T packages/devtools-extension/extension-chrome.zip \
-            "https://www.googleapis.com/upload/chromewebstore/v1.1/items/$EXTENSION_ID")
-          echo "Upload response: $UPLOAD"
-          echo "$UPLOAD" | jq -e '.uploadState == "SUCCESS"' || exit 1
-
-          # Publish to trusted testers
-          PUBLISH=$(curl -s \
-            -H "Authorization: Bearer $TOKEN" \
-            -H "x-goog-api-version: 2" \
-            -H "Content-Length: 0" \
-            -X POST \
-            "https://www.googleapis.com/chromewebstore/v1.1/items/$EXTENSION_ID/publish?publishTarget=trustedTesters")
-          echo "Publish response: $PUBLISH"
-          echo "$PUBLISH" | jq -e '.status[0] == "OK"' || { echo "::error::Publish failed — see response above"; exit 1; }
-
       - name: Build Firefox extension
         if: inputs.extension
         working-directory: packages/devtools-extension