The automated release is failing 🚨

[mikeal]

🚨 The automated release from the master branch failed. 🚨

I recommend you give this issue a high priority, so other packages depending on you could benefit from your bug fixes and new features.

You can find below the list of errors reported by semantic-release. Each one of them has to be resolved in order to automatically publish your package. I’m sure you can resolve this 💪.

Errors are usually caused by a misconfiguration or an authentication problem. With each error reported below you will find explanation and guidance to help you to resolve it.

Once all the errors are resolved, semantic-release will release your package the next time you push a commit to the master branch. You can also manually restart the failed CI job that runs semantic-release.

If you are not sure how to resolve this, here is some links that can help you:

• Usage documentation
• Frequently Asked Questions
• Support channels

If those don’t help, or if this issue is reporting something you think isn’t right, you can always ask the humans behind semantic-release.

---

Invalid npm token.

The npm token configured in the NPM_TOKEN environment variable must be a valid token allowing to publish to the registry https://registry.npmjs.org/.

If you are using Two-Factor Authentication, make configure the auth-only level is supported. semantic-release cannot publish with the default auth-and-writes level.

Please make sure to set the NPM_TOKEN environment variable in your CI with the exact value of the npm token.

---

Good luck with your project ✨

Your semantic-release bot 📦🚀

[gr2m]

@mikeal can you re-run semantic-release-cli setup? That’ll fix the tokens. npm invalided all tokens recently

[mikeal]

@gr2m I got this error:

(master)⚡ % semantic-release-cli setup                                                                                                                             ~/git/r2
? What is your npm registry? https://registry.npmjs.org/
? What is your npm username? mikeal
ERR! semantic-release Error: Could not login to npm.
ERR! semantic-release     at getNpmToken (/usr/local/lib/node_modules/semantic-release-cli/src/lib/npm.js:55:21)
ERR! semantic-release     at process._tickCallback (internal/process/next_tick.js:68:7)
ERR! semantic-release  { Error: Could not login to npm.
ERR! semantic-release     at getNpmToken (/usr/local/lib/node_modules/semantic-release-cli/src/lib/npm.js:55:21)
ERR! semantic-release     at process._tickCallback (internal/process/next_tick.js:68:7)
ERR! semantic-release   stack:
ERR! semantic-release    'Error: Could not login to npm.\n    at getNpmToken (/usr/local/lib/node_modules/semantic-release-cli/src/lib/npm.js:55:21)\n    at process._tickCallback (internal/process/next_tick.js:68:7)' }
(master)⚡ [1] % semantic-release-cli setup

[gr2m]

would you mind if I created a dedicated npm account only for r2 releases? It’s what I usually do for my bigger repositories, it’s also more secure because npm tokens cannot be scoped by package and if someone were to get access to your token they could do some damage to all npm packages you have write access to

[mikeal]

Go for it :)

…

On Tue, Aug 21, 2018, 12:25 PM Gregor Martynus ***@***.***> wrote: would you mind if I created a dedicated npm account only for r2 releases? It’s what I usually do for my bigger repositories, it’s also more secure because npm tokens cannot be scoped by package and if someone were to get access to your token they could do some damage to all npm packages you have write access to — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#74 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAACQ6RSzmSDBztxB98aQh5x9XdaUo4Dks5uTF6jgaJpZM4WE6yx> .

[gr2m]

can you invite https://www.npmjs.com/~r2bot as collaborator to the r2 package?