I failed the scoped package publish process within publishConfig.registry in package.json using np
But works fine without publishConfig.registry
Error message is:
? Select semver increment or specify new version patch 0.0.8
? This scoped repo @seognil-playground/npm-feature-test hasn't been published. Do you want to publish it publicly? Yes
✔ Prerequisite check
✔ Git
✔ Bumping version using npm
✔ Publishing package using npm
✖ Enabling two-factor authentication
→ npm ERR! /Users/lc/.npm/_logs/2019-05-30T10_49_13_521Z-debug.log
Pushing tags
✖ Command failed: npm access 2fa-required @seognil-playground/npm-feature-test
npm ERR! code E400
npm ERR! 400 Bad Request - POST https://registry.npmjs.org/-/package/%40seognil-playground%2Fnpm-feature-test/access
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/lc/.npm/_logs/2019-05-30T10_49_13_521Z-debug.log
I dive into the code and found this:
exports.isExternalRegistry = (pkg) =>
typeof pkg.publishConfig === 'object' && typeof pkg.publishConfig.registry === 'string';
// ---------> true
exports.isPackageNameAvailable = async (pkg) => {
const isExternalRegistry = exports.isExternalRegistry(pkg);
if (isExternalRegistry) {
return true;
}
return npmName(pkg.name);
};
// ---------> true
const isAvailable = flags.publish ? await isPackageNameAvailable(pkg) : false;
// ---------> true
await ui({ ...flags, exists: !isAvailable }, pkg);
// ---------> !true -> false
if (!options.exists && !pkg.private) {
// ...
enable2fa();
}
// ---------> !false && !false ---------> enable2fa()
// $ > npm access 2fa-required @seognil-playground/npm-feature-test
// ---------> which I break there
So once If publishConfig.registry is declared in package.json, it'll directly point out the package isAvailable,
(Even if it is also https://registry.npmjs.org/, and already a package there)
(Why this move? Because I'm using a mirror registry for package install speed, and this field will lock the publish registry and save my life.)
So that will trigger enable2fa() and npm access 2fa-required
Which in my case break the pulish process
(Becasue I found it maybe a problem with npm 2fa feature)
(And also I want to keep simple, to not use 2fa)
I made a very simple repo here: https://github.com/seognil/npm-feature-test
and npm address here: https://www.npmjs.com/package/@seognil-playground/npm-feature-test
Won't work
publishConfig.registry in package.jsonnp --yolo (without test)Will work
publishConfig fieldnp --yolo (without test)I don't know if the code logic above is a feature or something...
But I thought there is one problem and one suggestion
The problem: the isAvailable logic may be improved
The suggestion: an option of np-cli to skip 2FA anyway
So It will not break the publish process in my case...
And Thanks for the tool by the way, really helps :)
Notice that there are already some issues maybe related,
I'd also check that later
np - 5.0.2
Node.js - v12.1.0
npm - 6.9.0
Git - 2.21.0
OS - 64bit Mac OS X 10.14.5 18F132
It seems like the issue's origin is in npm rather than np, since when I tried running $ npm access 2fa-required @seognil-playground/npm-feature-test locally I got the following error:
❯ npm access 2fa-required @seognil-playground/npm-feature-test
npm ERR! code E400
npm ERR! 400 Bad Request - POST http://registry.npmjs.org/-/package/%40seognil-playground%2Fnpm-feature-test/access
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/Itai/.npm/_logs/2019-06-02T10_22_52_217Z-debug.log
Which is identical to the one you got when using np.
It would be great if you could open a bug report for this over at npm.
yep, maybe that npm 2fa feature also has some issue there.
One Thing I thought was a problem is that:
isPackageNameAvailable is also not check from registry (npmjs.com)
It just check from the local configuration.
like I said.
So once If publishConfig.registry is declared in package.json, it'll directly point out the package isAvailable,
(Even if it is also https://registry.npmjs.org/, and already a package there)
I mean
// package.json
{
"publishConfig": {
"registry": "https://registry.npmjs.org/",
"access": "public"
},
}
np will treat the lib always as unpublished and available then go to the init publish process
I just remembered #356, in which I implemented isPackageNameAvailable. The reason it always returns true when a user sets the registry option in publishConfig is that npm-name doesn't support custom registry URLs yet. However, I've already opened sindresorhus/npm-name#33, which will add that functionality and should fix this as well.
Hello, i'm struggling with same issue.
Trying publish package to my private registry
"publishConfig": {
"registry": "http://srv-dkr-l.lime.local:4873"
},
And as a result i got this
Command failed: npm access 2fa-required @lcgroup/adm-date-controls
npm ERR! code E404
npm ERR! 404 Not Found - POST https://registry.npmjs.org/-/package/%40lcgroup%2Fadm-date-controls/access
Note that after npm access it POSTs to official npmjs registry?!
However, I've already opened sindresorhus/npm-name#33, which will add that functionality and should fix this as well.
@itaisteinherz Is this fixed now? If not, what else needs to be done.
@sindresorhus See https://github.com/sindresorhus/np/pull/429#pullrequestreview-323718862. Merging #429 is the last thing I think.