Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(publish): skip workspace packages marked private on publish #7564

Merged
merged 1 commit into from
May 29, 2024
Merged

fix(publish): skip workspace packages marked private on publish #7564

merged 1 commit into from
May 29, 2024

Conversation

milaninfy
Copy link
Contributor

npm publish --workspaces will skip workspace packages marked as private in package.json.
Currently it's skipping those packages only when you have configured auth for those packages, it would error out with ENEEDAUTH if it doesn't find the valid auth information.

this fix checks for the private property before checking for auth for the packages that will essentially not going to get published.

Fixes #7199

milaninfy
milaninfy commented May 29, 2024
View reviewed changes
lib/commands/publish.js
@@ -127,6 +127,15 @@ class Publish extends BaseCommand {
const noCreds = !(creds.token || creds.username || creds.certfile && creds.keyfile)
const outputRegistry = replaceInfo(registry)

// if a workspace package is marked private then we skip it
if (workspace && manifest.private) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a better way to check if the package is workspace package ?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No this is fine.

@milaninfy milaninfy marked this pull request as ready for review May 29, 2024 12:47
@milaninfy milaninfy requested a review from a team as a code owner May 29, 2024 12:47
@wraithgar wraithgar merged commit e4c7a41 into npm:latest May 29, 2024
23 checks passed
@github-actions github-actions bot mentioned this pull request May 29, 2024
Merged
@npm-cli-bot npm-cli-bot mentioned this pull request May 29, 2024
Merged
@JoSSte JoSSte mentioned this pull request Jul 29, 2024
Merged
@milaninfy milaninfy deleted the mm/fix-publish-private-ws branch August 26, 2024 19:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wraithgar wraithgar wraithgar approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] publish with workspaces doesn't respect access controls
2 participants
@milaninfy @wraithgar