Np: Failed within `np`,`scoped package`,`publishConfig.registry`

Created on 30 May 2019  ·  7Comments  ·  Source: sindresorhus/np

Description

I failed the scoped package publish process within publishConfig.registry in package.json using np

But works fine without publishConfig.registry

Error message is:

? Select semver increment or specify new version patch  0.0.8
? This scoped repo @seognil-playground/npm-feature-test hasn't been published. Do you want to publish it publicly? Yes

  ✔ Prerequisite check
  ✔ Git
  ✔ Bumping version using npm
  ✔ Publishing package using npm
  ✖ Enabling two-factor authentication
    → npm ERR!     /Users/lc/.npm/_logs/2019-05-30T10_49_13_521Z-debug.log
    Pushing tags

✖ Command failed: npm access 2fa-required @seognil-playground/npm-feature-test
npm ERR! code E400
npm ERR! 400 Bad Request - POST https://registry.npmjs.org/-/package/%40seognil-playground%2Fnpm-feature-test/access

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/lc/.npm/_logs/2019-05-30T10_49_13_521Z-debug.log

I dive into the code and found this:

exports.isExternalRegistry = (pkg) =>
  typeof pkg.publishConfig === 'object' && typeof pkg.publishConfig.registry === 'string';
// ---------> true

exports.isPackageNameAvailable = async (pkg) => {
  const isExternalRegistry = exports.isExternalRegistry(pkg);
  if (isExternalRegistry) {
    return true;
  }

  return npmName(pkg.name);
};
// ---------> true

const isAvailable = flags.publish ? await isPackageNameAvailable(pkg) : false;
// ---------> true

await ui({ ...flags, exists: !isAvailable }, pkg);
// ---------> !true -> false

if (!options.exists && !pkg.private) {
  // ...
  enable2fa();
}
// ---------> !false && !false ---------> enable2fa()

// $ > npm access 2fa-required @seognil-playground/npm-feature-test
// ---------> which I break there

So once If publishConfig.registry is declared in package.json, it'll directly point out the package isAvailable,
(Even if it is also https://registry.npmjs.org/, and already a package there)
(Why this move? Because I'm using a mirror registry for package install speed, and this field will lock the publish registry and save my life.)

So that will trigger enable2fa() and npm access 2fa-required
Which in my case break the pulish process
(Becasue I found it maybe a problem with npm 2fa feature)
(And also I want to keep simple, to not use 2fa)

Steps to reproduce

I made a very simple repo here: https://github.com/seognil/npm-feature-test
and npm address here: https://www.npmjs.com/package/@seognil-playground/npm-feature-test

Won't work

  1. fill publishConfig.registry in package.json
  2. git commit blahblahblah
  3. run np --yolo (without test)

Will work

  1. remove publishConfig field
  2. git commit blahblahblah
  3. run np --yolo (without test)

Expected behavior

I don't know if the code logic above is a feature or something...

But I thought there is one problem and one suggestion

The problem: the isAvailable logic may be improved

The suggestion: an option of np-cli to skip 2FA anyway

So It will not break the publish process in my case...


And Thanks for the tool by the way, really helps :)

Notice that there are already some issues maybe related,
I'd also check that later

Environment

np - 5.0.2
Node.js - v12.1.0
npm - 6.9.0
Git - 2.21.0
OS - 64bit Mac OS X 10.14.5 18F132

bug help wanted

All 7 comments

It seems like the issue's origin is in npm rather than np, since when I tried running $ npm access 2fa-required @seognil-playground/npm-feature-test locally I got the following error:

❯ npm access 2fa-required @seognil-playground/npm-feature-test
npm ERR! code E400
npm ERR! 400 Bad Request - POST http://registry.npmjs.org/-/package/%40seognil-playground%2Fnpm-feature-test/access

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/Itai/.npm/_logs/2019-06-02T10_22_52_217Z-debug.log

Which is identical to the one you got when using np.

It would be great if you could open a bug report for this over at npm.

  1. yep, maybe that npm 2fa feature also has some issue there.

  2. One Thing I thought was a problem is that:
    isPackageNameAvailable is also not check from registry (npmjs.com)
    It just check from the local configuration.

like I said.

So once If publishConfig.registry is declared in package.json, it'll directly point out the package isAvailable,
(Even if it is also https://registry.npmjs.org/, and already a package there)

I mean

// package.json
{
  "publishConfig": {
    "registry": "https://registry.npmjs.org/",
    "access": "public"
  },
}

np will treat the lib always as unpublished and available then go to the init publish process

I just remembered #356, in which I implemented isPackageNameAvailable. The reason it always returns true when a user sets the registry option in publishConfig is that npm-name doesn't support custom registry URLs yet. However, I've already opened sindresorhus/npm-name#33, which will add that functionality and should fix this as well.

Hello, i'm struggling with same issue.
Trying publish package to my private registry

 "publishConfig": {
    "registry": "http://srv-dkr-l.lime.local:4873"
  },

And as a result i got this

Command failed: npm access 2fa-required @lcgroup/adm-date-controls
npm ERR! code E404
npm ERR! 404 Not Found - POST https://registry.npmjs.org/-/package/%40lcgroup%2Fadm-date-controls/access

Note that after npm access it POSTs to official npmjs registry?!

However, I've already opened sindresorhus/npm-name#33, which will add that functionality and should fix this as well.

@itaisteinherz Is this fixed now? If not, what else needs to be done.

@sindresorhus See https://github.com/sindresorhus/np/pull/429#pullrequestreview-323718862. Merging #429 is the last thing I think.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

gillesdemey picture gillesdemey  ·  3Comments

doug-wade picture doug-wade  ·  5Comments

inker picture inker  ·  4Comments

fregante picture fregante  ·  5Comments

kapooostin picture kapooostin  ·  5Comments