This repository has been archived by the owner on Jan 19, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Change API to support publishing non-directories
Note: This is a SemVer-major breaking change. Change the interface to `publish(manifest, tarData, opts)` instead of `publish(folder, manifest, opts)`. The npm CLI has to pack the directory in order to print out the list of files anyway, and tying the publish command to _only_ publishing folders makes certain use cases no longer possible. PR-URL: #16 Credit: @isaacs Close: #16 Reviewed-by: @nlf
- Loading branch information
Showing
6 changed files
with
586 additions
and
423 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,13 +1,9 @@ | ||
| # libnpmpublish | ||
|
|
||
| [](https://npm.im/libnpmpublish) | ||
| [](https://npm.im/libnpmpublish) | ||
| [](https://github.com/npm/libnpmpublish/actions?query=workflow%3A%22Node+CI%22) | ||
| [](https://coveralls.io/github/npm/libnpmpublish?branch=latest) | ||
|
|
||
| [`libnpmpublish`](https://github.com/npm/libnpmpublish) is a Node.js library for | ||
| programmatically publishing and unpublishing npm packages. It takes care | ||
| of packing tarballs from source code and putting it up on a nice registry for you. | ||
| [`libnpmpublish`](https://github.com/npm/libnpmpublish) is a Node.js | ||
| library for programmatically publishing and unpublishing npm packages. Give | ||
| it a manifest as an object and a tarball as a Buffer, and it'll put them on | ||
| the registry for you. | ||
|
|
||
| ## Table of Contents | ||
|
|
||
|
|
@@ -22,7 +18,6 @@ of packing tarballs from source code and putting it up on a nice registry for yo | |
|
|
||
| ```js | ||
| const { publish, unpublish } = require('libnpmpublish') | ||
|
|
||
| ``` | ||
|
|
||
| ## Install | ||
|
|
@@ -33,39 +28,58 @@ const { publish, unpublish } = require('libnpmpublish') | |
|
|
||
| #### <a name="opts"></a> `opts` for `libnpmpublish` commands | ||
|
|
||
| `libnpmpublish` uses [`npm-registry-fetch`](https://npm.im/npm-registry-fetch). | ||
| Most options are passed through directly to that library, so please refer to | ||
| [its own `opts` | ||
| documentation](https://www.npmjs.com/package/npm-registry-fetch#fetch-options) | ||
| for options that can be passed in. | ||
| `libnpmpublish` uses | ||
| [`npm-registry-fetch`](https://npm.im/npm-registry-fetch). Most options | ||
| are passed through directly to that library, so please refer to [its own | ||
| `opts` documentation](http://npm.im/npm-registry-fetch#fetch-options) for | ||
| options that can be passed in. | ||
|
|
||
| A couple of options of note: | ||
|
|
||
| * `opts.defaultTag` - registers the published package with the given tag, | ||
| defaults to `latest`. | ||
|
|
||
| A couple of options of note for those in a hurry: | ||
| * `opts.defaultTag` - registers the published package with the given tag, defaults to `latest`. | ||
| * `opts.access` - tells the registry whether this package should be | ||
| published as public or restricted. Only applies to scoped packages, which | ||
| default to restricted. | ||
|
|
||
| * `opts.access` - tells the registry whether this package should be published as public or restricted. Only applies to scoped packages, which default to restricted. | ||
| * `opts.token` - can be passed in and will be used as the authentication | ||
| token for the registry. For other ways to pass in auth details, see the | ||
| n-r-f docs. | ||
|
|
||
| * `opts.token` - can be passed in and will be used as the authentication token for the registry. For other ways to pass in auth details, see the n-r-f docs. | ||
| #### <a name="publish"></a> `> libpub.publish(manifest, tarData, [opts]) -> Promise` | ||
|
|
||
| #### <a name="publish"></a> `> libpub.publish(path, pkgJson, [opts]) -> Promise` | ||
| Sends the package represented by the `manifest` and `tarData` to the | ||
| configured registry. | ||
|
|
||
| Packs a tarball located in `path` and publishes to the appropriate configured registry. `pkgJson` should be | ||
| the parsed `package.json` for the package that is being published. | ||
| `manifest` should be the parsed `package.json` for the package being | ||
| published (which can also be the manifest pulled from a packument, a git | ||
| repo, tarball, etc.) | ||
|
|
||
| If `opts.npmVersion` is passed in, it will be used as the `_npmVersion` field in | ||
| the outgoing packument. It's recommended you add your own user agent string in | ||
| there! | ||
| `tarData` is a `Buffer` of the tarball being published. | ||
|
|
||
| If `opts.algorithms` is passed in, it should be an array of hashing algorithms | ||
| to generate `integrity` hashes for. The default is `['sha512']`, which means you | ||
| end up with `dist.integrity = 'sha512-deadbeefbadc0ffee'`. Any algorithm | ||
| supported by your current node version is allowed -- npm clients that do not | ||
| support those algorithms will simply ignore the unsupported hashes. | ||
| If `opts.npmVersion` is passed in, it will be used as the `_npmVersion` | ||
| field in the outgoing packument. You may put your own user-agent string in | ||
| there to identify your publishes. | ||
|
|
||
| If `opts.algorithms` is passed in, it should be an array of hashing | ||
| algorithms to generate `integrity` hashes for. The default is `['sha512']`, | ||
| which means you end up with `dist.integrity = 'sha512-deadbeefbadc0ffee'`. | ||
| Any algorithm supported by your current node version is allowed -- npm | ||
| clients that do not support those algorithms will simply ignore the | ||
| unsupported hashes. | ||
|
|
||
| ##### Example | ||
|
|
||
| ```javascript | ||
| ```js | ||
| // note that pacote.manifest() and pacote.tarball() can also take | ||
| // any spec that npm can install. a folder shown here, since that's | ||
| // far and away the most common use case. | ||
| const path = '/a/path/to/your/source/code' | ||
| await libpub.publish(path, { | ||
| const pacote = require('pacote') // see: http://npm.im/pacote | ||
| const manifest = await pacote.manifest(path) | ||
| const tarData = await pacote.tarball(path) | ||
| await libpub.publish(manifest, tarData, { | ||
| npmVersion: '[email protected]', | ||
| token: 'my-auth-token-here' | ||
| }, opts) | ||
|
|
@@ -84,15 +98,8 @@ expected. `range` specs will fail silently in most cases. | |
|
|
||
| ##### Example | ||
|
|
||
| ```javascript | ||
| ```js | ||
| await libpub.unpublish('lodash', { token: 'i-am-the-worst'}) | ||
| // | ||
| // `lodash` has now been unpublished, along with all its versions, and the world | ||
| // devolves into utter chaos. | ||
| // | ||
| // That, or we all go home to our friends and/or family and have a nice time | ||
| // doing nothing having to do with programming or JavaScript and realize our | ||
| // lives are just so much happier now, and we just can't understand why we ever | ||
| // got so into this JavaScript thing but damn did it pay well. I guess you'll | ||
| // settle for gardening or something. | ||
| // `lodash` has now been unpublished, along with all its versions | ||
| ``` | ||
Oops, something went wrong.