Np: All private scoped packages detected as non-published

Created on 2 Jan 2019  路  5Comments  路  Source: sindresorhus/np

Issuehunt badges

This is a slight follow up to #313 and #307 + like those two a follow up to the feature introduced in #258.

We recommend np as the go to tool for publishing modules internally at @sydsvenskan, but since the latest version it always claims that our private scoped modules hasn't been published and asks if they should be published publicly (with a dangerous default as fixed in #313).

The reason is that npm-name only detects public packages as npm, correctly, doesn't expose any data about private packages.

To make the feature introduced in #258 work as a default it should really be required that the lookup also works for private scoped modules.

Alternative solutions to the preferred one above would be:

  • Leave this new feature behind a flag, intended for those who mainly publishes publicly
  • Introduce a flag to disable this feature for those of us who mainly published privately (though this would still nag all of my colleagues about our modules not being published until I got them to use that new flag, which isn't that optimal 馃槙)

What do you think @ru-lai and @sindresorhus? How would this best be solved?

Code example showing that npm-name doesn't work with private scoped modules:

const npmName = require("npm-name");

(async () => {
    console.log(await npmName('chalk'));                           // Exists, returns false
    console.log(await npmName('hallonkola'));                      // Does not exist, returns true
    console.log(await npmName('@hdsydsvenskan/graphql-partials')); // Exists, returns false
    console.log(await npmName('@hdsydsvenskan/config-loader'));    // Exists privately, but returns true
})();

Runnable here: https://runkit.com/embed/6x5oqgbc5kdv

yaodingyd earned $80.00 by resolving this issue!

Rewarded on Issuehunt bug help wanted

Most helpful comment

np will always optimize and prioritize for public open source usage.

All 5 comments

Having the same issue in my company. What about adding flag --public for publishing package as public.

  1. When --public was provided or package is without scope => publish as public without asking
  2. When --public wasn't provided and package is scoped
    You can run npm-name check. If you detect that package was already published (as public), ask user whether publish publicly (or publish publicly by default). When npm-name doesn't find package, publish it as private without asking anything.

np will always optimize and prioritize for public open source usage.

I think the best solution would be to add support for private packages to npm-name. Could maybe reuse some of the logic from https://github.com/sindresorhus/package-json/blob/1a7f10d016f6dd29fb2931831d60866e68a95611/index.js#L26-L28.

@issuehuntfest has funded $80.00 to this issue. See it on IssueHunt

@sindresorhus has rewarded $72.00 to @yaodingyd. See it on IssueHunt

  • :moneybag: Total deposit: $80.00
  • :tada: Repository reward(0%): $0.00
  • :wrench: Service fee(10%): $8.00
Was this page helpful?
0 / 5 - 0 ratings