npmPublish setting ignored about npm HOT 12 CLOSED

Cool makes sense. I might be useful just to add to the docs something along the lines of If your package is set to private in package.json, then this plugin will ignore the `npmPublish` setting altogether. This would mostly be useful to newcomers to the npm publishing pipeline (like me) who may not understand the underlying constraints properly. Again, happy to open a PR if you feel the docs can be more clear.

from npm.

As @travi mentioned to publish on a private repo you have to use publishConfig.access: restricted.

from npm.

Just as a side note, it does seem that the documentation should be updated to indicate that private: true will disable publishing altogether. As currently worded, it implies that this behavior can be overridden in .releaserc.

from npm.

I fully agreee with @aaroncraigongithub, just lost more than half an hour because the documentation wording is misleading!

And the use-case of being willing to publish only to a private package registry might justify a line about it in the docs, IMHO

from npm.

Looks like the logic here is incorrect?
https://github.com/semantic-release/npm/blob/master/lib/publish.js#L16

I believe it should be something like:

if (npmPublish === true || pkg.private !== true) {

I'll work up a PR if that looks good.

from npm.

This is intentional. We made the choice of publishing only when there is no doubt about the user intention. If those two properties contradict each other we skip the publication to be safe.

In any case, what you try to achieve will not work, even with your change.
With what you propose, semantic-release would call npm publish and it will errors out because the private property of package.json is true.

If you want to publish your module on the npm repository, don't set it to private.

from npm.

@aaroncraigongithub are you maybe wanting restricted for publishConfig.access instead of private?

from npm.

@pvdlg @travi perhaps I'm configured incorrectly, and npm docs are unclear as to what the setting in package.json should be, but according to this page, I believe I can publish private packages to npm:
https://docs.npmjs.com/creating-and-publishing-private-packages

I'm assuming by private, the docs mean "packages that have private: true in their package.json file" , as I am unaware of specifying private packages in any other way.

For context, in my specific case, I am publishing a private repo to an org npm account.

from npm.

However, @pvdlg is correct, npm publish does fail if I have private: true in package.json, so the current implementation is correct.

from npm.

the main thing to be aware of is that semantic-release defers to npm itself for that type of config. the npm docs already specify the behavior of private. referring to the npm docs is also mentioned in the readme for this project.

from npm.

So, npmPublish in .releaserc can only ever have an effect when it is false (in other words, it's solely to be used to disable publishing in a package that would otherwise be published)?

from npm.

Yes. That's explained in the docs by mentioning the default value of npmPublish is true.

Having it also allow users to use the @sematnic-release/npm plugin to update their package.json without publishing and without having to set private to true. This useful for Atom packages for example.

The npmPublish option was introduced before we started to handle private. Looking back we should probably have supported only private and find a better way to support the edge case of packages that need to skip publish but can't set private to true. But now we can't remove the npmPublish so easily.

from npm.