Skip to content

Commit

Permalink
docs: update docs/logging for new --access default
Browse files Browse the repository at this point in the history
  • Loading branch information
wraithgar authored and lukekarrys committed Sep 29, 2022
1 parent 525654e commit f0e7584
Show file tree
Hide file tree
Showing 8 changed files with 217 additions and 60 deletions.
20 changes: 10 additions & 10 deletions docs/content/commands/npm-publish.md
Original file line number Diff line number Diff line change
Expand Up @@ -118,19 +118,19 @@ tarball that will be compared with the local files by default.

#### `access`

* Default: 'restricted' for scoped packages, 'public' for unscoped packages
* Default: 'public' for new packages, existing packages it will not change the
current level
* Type: null, "restricted", or "public"

When publishing scoped packages, the access level defaults to `restricted`.
If you want your scoped package to be publicly viewable (and installable)
set `--access=public`. The only valid values for `access` are `public` and
`restricted`. Unscoped packages _always_ have an access level of `public`.
If do not want your scoped package to be publicly viewable (and installable)
set `--access=restricted`.

Note: Using the `--access` flag on the `npm publish` command will only set
the package access level on the initial publish of the package. Any
subsequent `npm publish` commands using the `--access` flag will not have an
effect to the access level. To make changes to the access level after the
initial publish use `npm access`.
Unscoped packages can not be set to `restricted`.

Note: This defaults to not changing the current access level for existing
packages. Specifying a value of `restricted` or `public` during publish will
change the access for an existing package the same way that `npm access set
status` would.

<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
Expand Down
20 changes: 10 additions & 10 deletions docs/content/using-npm/config.md
Original file line number Diff line number Diff line change
Expand Up @@ -151,19 +151,19 @@ safer to use a registry-provided authentication bearer token stored in the

#### `access`

* Default: 'restricted' for scoped packages, 'public' for unscoped packages
* Default: 'public' for new packages, existing packages it will not change the
current level
* Type: null, "restricted", or "public"

When publishing scoped packages, the access level defaults to `restricted`.
If you want your scoped package to be publicly viewable (and installable)
set `--access=public`. The only valid values for `access` are `public` and
`restricted`. Unscoped packages _always_ have an access level of `public`.
If do not want your scoped package to be publicly viewable (and installable)
set `--access=restricted`.

Note: Using the `--access` flag on the `npm publish` command will only set
the package access level on the initial publish of the package. Any
subsequent `npm publish` commands using the `--access` flag will not have an
effect to the access level. To make changes to the access level after the
initial publish use `npm access`.
Unscoped packages can not be set to `restricted`.

Note: This defaults to not changing the current access level for existing
packages. Specifying a value of `restricted` or `public` during publish will
change the access for an existing package the same way that `npm access set
status` would.

<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
Expand Down
11 changes: 7 additions & 4 deletions lib/commands/publish.js
Original file line number Diff line number Diff line change
Expand Up @@ -114,10 +114,13 @@ class Publish extends BaseCommand {
}
}

log.notice(
'',
`Publishing to ${outputRegistry} with tag ${defaultTag}${dryRun ? ' (dry-run)' : ''}`
)
const access = opts.access === null ? 'default' : opts.access
let msg = `Publishing to ${outputRegistry} with tag ${defaultTag} and ${access} access`
if (dryRun) {
msg = `${msg} (dry-run)`
}

log.notice('', msg)

if (!dryRun) {
await otplease(this.npm, opts, opts => libpub(manifest, tarballData, opts))
Expand Down
22 changes: 10 additions & 12 deletions lib/utils/config/definitions.js
Original file line number Diff line number Diff line change
Expand Up @@ -160,21 +160,19 @@ define('_auth', {
define('access', {
default: null,
defaultDescription: `
'restricted' for scoped packages, 'public' for unscoped packages
'public' for new packages, existing packages it will not change the current level
`,
type: [null, 'restricted', 'public'],
description: `
When publishing scoped packages, the access level defaults to
\`restricted\`. If you want your scoped package to be publicly viewable
(and installable) set \`--access=public\`. The only valid values for
\`access\` are \`public\` and \`restricted\`. Unscoped packages _always_
have an access level of \`public\`.
Note: Using the \`--access\` flag on the \`npm publish\` command will only
set the package access level on the initial publish of the package. Any
subsequent \`npm publish\` commands using the \`--access\` flag will not
have an effect to the access level. To make changes to the access level
after the initial publish use \`npm access\`.
If do not want your scoped package to be publicly viewable (and
installable) set \`--access=restricted\`.
Unscoped packages can not be set to \`restricted\`.
Note: This defaults to not changing the current access level for existing
packages. Specifying a value of \`restricted\` or \`public\` during
publish will change the access for an existing package the same way that
\`npm access set status\` would.
`,
flatten,
})
Expand Down
100 changes: 97 additions & 3 deletions tap-snapshots/test/lib/commands/publish.js.test.cjs
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ Array [
],
Array [
"",
"Publishing to https://registry.npmjs.org/ with tag latest (dry-run)",
"Publishing to https://registry.npmjs.org/ with tag latest and default access (dry-run)",
],
]
`
Expand All @@ -72,7 +72,7 @@ exports[`test/lib/commands/publish.js TAP json > must match snapshot 1`] = `
Array [
Array [
"",
"Publishing to https://registry.npmjs.org/ with tag latest",
"Publishing to https://registry.npmjs.org/ with tag latest and default access",
],
]
`
Expand Down Expand Up @@ -112,6 +112,53 @@ Array [
]
`

exports[`test/lib/commands/publish.js TAP public access > must match snapshot 1`] = `
Array [
Array [
"",
],
Array [
"",
"package: @npm/test-package@1.0.0",
],
Array [
"=== Tarball Contents ===",
],
Array [
"",
"55B package.json",
],
Array [
"=== Tarball Details ===",
],
Array [
"",
String(
name: @npm/test-package
version: 1.0.0
filename: @npm/test-package-1.0.0.tgz
package size: 147 B
unpacked size: 55 B
shasum:{sha}
integrity:{sha}
total files: 1
),
],
Array [
"",
"",
],
Array [
"",
"Publishing to https://registry.npmjs.org/ with tag latest and public access",
],
]
`

exports[`test/lib/commands/publish.js TAP public access > new package version 1`] = `
+ @npm/test-package@1.0.0
`

exports[`test/lib/commands/publish.js TAP re-loads publishConfig.registry if added during script process > new package version 1`] = `
+ test-package@1.0.0
`
Expand All @@ -120,6 +167,53 @@ exports[`test/lib/commands/publish.js TAP respects publishConfig.registry, runs
`

exports[`test/lib/commands/publish.js TAP restricted access > must match snapshot 1`] = `
Array [
Array [
"",
],
Array [
"",
"package: @npm/test-package@1.0.0",
],
Array [
"=== Tarball Contents ===",
],
Array [
"",
"55B package.json",
],
Array [
"=== Tarball Details ===",
],
Array [
"",
String(
name: @npm/test-package
version: 1.0.0
filename: @npm/test-package-1.0.0.tgz
package size: 147 B
unpacked size: 55 B
shasum:{sha}
integrity:{sha}
total files: 1
),
],
Array [
"",
"",
],
Array [
"",
"Publishing to https://registry.npmjs.org/ with tag latest and restricted access",
],
]
`

exports[`test/lib/commands/publish.js TAP restricted access > new package version 1`] = `
+ @npm/test-package@1.0.0
`

exports[`test/lib/commands/publish.js TAP scoped _auth config scoped registry > new package version 1`] = `
+ @npm/test-package@1.0.0
`
Expand Down Expand Up @@ -165,7 +259,7 @@ Array [
],
Array [
"",
"Publishing to https://registry.npmjs.org/ with tag latest",
"Publishing to https://registry.npmjs.org/ with tag latest and default access",
],
]
`
Expand Down
20 changes: 10 additions & 10 deletions tap-snapshots/test/lib/utils/config/definitions.js.test.cjs
Original file line number Diff line number Diff line change
Expand Up @@ -180,19 +180,19 @@ safer to use a registry-provided authentication bearer token stored in the
exports[`test/lib/utils/config/definitions.js TAP > config description for access 1`] = `
#### \`access\`
* Default: 'restricted' for scoped packages, 'public' for unscoped packages
* Default: 'public' for new packages, existing packages it will not change the
current level
* Type: null, "restricted", or "public"
When publishing scoped packages, the access level defaults to \`restricted\`.
If you want your scoped package to be publicly viewable (and installable)
set \`--access=public\`. The only valid values for \`access\` are \`public\` and
\`restricted\`. Unscoped packages _always_ have an access level of \`public\`.
If do not want your scoped package to be publicly viewable (and installable)
set \`--access=restricted\`.
Note: Using the \`--access\` flag on the \`npm publish\` command will only set
the package access level on the initial publish of the package. Any
subsequent \`npm publish\` commands using the \`--access\` flag will not have an
effect to the access level. To make changes to the access level after the
initial publish use \`npm access\`.
Unscoped packages can not be set to \`restricted\`.
Note: This defaults to not changing the current access level for existing
packages. Specifying a value of \`restricted\` or \`public\` during publish will
change the access for an existing package the same way that \`npm access set
status\` would.
`

exports[`test/lib/utils/config/definitions.js TAP > config description for all 1`] = `
Expand Down
20 changes: 10 additions & 10 deletions tap-snapshots/test/lib/utils/config/describe-all.js.test.cjs
Original file line number Diff line number Diff line change
Expand Up @@ -24,19 +24,19 @@ safer to use a registry-provided authentication bearer token stored in the
#### \`access\`
* Default: 'restricted' for scoped packages, 'public' for unscoped packages
* Default: 'public' for new packages, existing packages it will not change the
current level
* Type: null, "restricted", or "public"
When publishing scoped packages, the access level defaults to \`restricted\`.
If you want your scoped package to be publicly viewable (and installable)
set \`--access=public\`. The only valid values for \`access\` are \`public\` and
\`restricted\`. Unscoped packages _always_ have an access level of \`public\`.
If do not want your scoped package to be publicly viewable (and installable)
set \`--access=restricted\`.
Note: Using the \`--access\` flag on the \`npm publish\` command will only set
the package access level on the initial publish of the package. Any
subsequent \`npm publish\` commands using the \`--access\` flag will not have an
effect to the access level. To make changes to the access level after the
initial publish use \`npm access\`.
Unscoped packages can not be set to \`restricted\`.
Note: This defaults to not changing the current access level for existing
packages. Specifying a value of \`restricted\` or \`public\` during publish will
change the access for an existing package the same way that \`npm access set
status\` would.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
Expand Down
64 changes: 63 additions & 1 deletion test/lib/commands/publish.js
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ t.cleanSnapshot = data => {
t.test('respects publishConfig.registry, runs appropriate scripts', async t => {
const { npm, joinedOutput, prefix } = await loadMockNpm(t, {
config: {
loglevel: 'silent', // prevent scripts from leaking to stdout during the test
loglevel: 'silent',
[`${alternateRegistry.slice(6)}/:_authToken`]: 'test-other-token',
},
prefixDir: {
Expand Down Expand Up @@ -730,3 +730,65 @@ t.test('scoped _auth config scoped registry', async t => {
await npm.exec('publish', [])
t.matchSnapshot(joinedOutput(), 'new package version')
})

t.test('restricted access', async t => {
const spec = npa('@npm/test-package')
const { npm, joinedOutput, logs } = await loadMockNpm(t, {
config: {
...auth,
access: 'restricted',
},
prefixDir: {
'package.json': JSON.stringify({
name: '@npm/test-package',
version: '1.0.0',
}, null, 2),
},
globals: ({ prefix }) => ({
'process.cwd': () => prefix,
}),
})
const registry = new MockRegistry({
tap: t,
registry: npm.config.get('registry'),
authorization: token,
})
registry.nock.put(`/${spec.escapedName}`, body => {
t.equal(body.access, 'restricted', 'access is explicitly set to restricted')
return true
}).reply(200, {})
await npm.exec('publish', [])
t.matchSnapshot(joinedOutput(), 'new package version')
t.matchSnapshot(logs.notice)
})

t.test('public access', async t => {
const spec = npa('@npm/test-package')
const { npm, joinedOutput, logs } = await loadMockNpm(t, {
config: {
...auth,
access: 'public',
},
prefixDir: {
'package.json': JSON.stringify({
name: '@npm/test-package',
version: '1.0.0',
}, null, 2),
},
globals: ({ prefix }) => ({
'process.cwd': () => prefix,
}),
})
const registry = new MockRegistry({
tap: t,
registry: npm.config.get('registry'),
authorization: token,
})
registry.nock.put(`/${spec.escapedName}`, body => {
t.equal(body.access, 'public', 'access is explicitly set to public')
return true
}).reply(200, {})
await npm.exec('publish', [])
t.matchSnapshot(joinedOutput(), 'new package version')
t.matchSnapshot(logs.notice)
})

0 comments on commit f0e7584

Please sign in to comment.