np

A better `npm publish`

NPM scripts
sindresorhus/npnp

README


np XO code style


A better npm publish


undefined screenshot.gif

Why


Interactive UI
Ensures you are publishing from your release branch (mainand masterby default)
Ensures the working directory is clean and that there are no unpulled changes
Reinstalls dependencies to ensure your project works with the latest dependency tree
Ensures your Node.js and npm versions are supported by the project and its dependencies
Runs the tests
Bumps the version in package.json and npm-shrinkwrap.json (if present) and creates a git tag
Prevents accidental publishing of pre-release versions under the latestdist-tag
Publishes the new version to npm, optionally under a dist-tag
Rolls back the project to its previous state in case publishing fails
Pushes commits and tags (newly & previously created) to GitHub/GitLab
Supports two-factor authentication
Enables two-factor authentication on new repositories (does not apply to external registries)
Opens a prefilled GitHub Releases draft after publish
Warns about the possibility of extraneous files being published
See exactly what will be executed with preview mode , without pushing or publishing anything remotely
Supports GitHub Packages

Prerequisite


Node.js 10 or later
npm 6.8.0 or later
Git 2.11 or later

Install


  1. ``` shell
  2. npm install --global np
  3. ```

Usage


  1. ``` null
  2. $ np --help

  4.   Usage
  5.     $ np <version>

  7.     Version can be:
  8.       patch | minor | major | prepatch | preminor | premajor | prerelease | 1.2.3

  10.   Options
  11.     --any-branch            Allow publishing from any branch
  12.     --branch                Name of the release branch (default: main | master)
  13.     --no-cleanup            Skips cleanup of node_modules
  14.     --no-tests              Skips tests
  15.     --yolo                  Skips cleanup and testing
  16.     --no-publish            Skips publishing
  17.     --preview               Show tasks without actually executing them
  18.     --tag                   Publish under a given dist-tag
  19.     --no-yarn               Don't use Yarn
  20.     --contents              Subdirectory to publish
  21.     --no-release-draft      Skips opening a GitHub release draft
  22.     --release-draft-only    Only opens a GitHub release draft
  23.     --test-script           Name of npm run script to run tests before publishing (default: test)
  24.     --no-2fa                Don't enable 2FA on new packages (not recommended)
  25.     --message               Version bump commit message. `%s` will be replaced with version. (default: '%s' with npm and 'v%s' with yarn)

  27.   Examples
  28.     $ np
  29.     $ np patch
  30.     $ np 1.0.2
  31.     $ np 1.0.2-beta.3 --tag=beta
  32.     $ np 1.0.2-beta.3 --tag=beta --contents=dist

  34. ```

Interactive UI


Run npwithout arguments to launch the interactive UI that guides you through publishing a new version.

undefined

Config


npcan be configured both locally and globally. When using the global npbinary, you can configure any of the CLI flags in either a .np-config.js, .np-config.cjsor .np-config.jsonfile in the home directory. When using the local npbinary, for example, in a npm runscript, you can configure npby setting the flags in either a top-level npfield in package.jsonor in a .np-config.js, .np-config.cjsor .np-config.jsonfile in the project directory. If it exists, the local installation will always take precedence. This ensures any local config matches the version of npit was designed for.

Currently, these are the flags you can configure:

anyBranch- Allow publishing from any branch (falseby default).
branch- Name of the release branch (masterby default).
cleanup- Cleanup node_modules(trueby default).
tests- Run npm test(trueby default).
yolo- Skip cleanup and testing (falseby default).
publish- Publish (trueby default).
preview- Show tasks without actually executing them (falseby default).
tag- Publish under a given dist-tag (latestby default).
yarn- Use yarn if possible (trueby default).
contents- Subdirectory to publish (.by default).
releaseDraft- Open a GitHub release draft after releasing (trueby default).
testScript- Name of npm run script to run tests before publishing (testby default).
2fa- Enable 2FA on new packages (trueby default) (setting this to falseis not recommended).
message- The commit message used for the version bump. Any %sin the string will be replaced with the new version. By default, npm uses %sand Yarn uses v%s.

For example, this configures npto never use Yarn and to use distas the subdirectory to publish:

package.json

  1. ``` json
  2. {
  3. "name": "superb-package",
  4. "np": {
  5.   "yarn": false,
  6.   "contents": "dist"
  7. }
  8. }
  9. ```

.np-config.json

  1. ``` json
  2. {
  3. "yarn": false,
  4. "contents": "dist"
  5. }
  6. ```

.np-config.jsor .np-config.cjs

  1. ``` js
  2. module.exports = {
  3. yarn: false,
  4. contents: 'dist'
  5. };
  6. ```

Note:The global config only applies when using the global npbinary, and is never inherited when using a local binary.

Tips


npm hooks


You can use any of the test/version/publish related npm lifecycle hooks in your package.json to add extra behavior.

For example, here we build the documentation before tagging the release:

  1. ``` json
  2. {
  3. "name": "my-awesome-package",
  4. "scripts": {
  5.   "version": "./build-docs && git add docs"
  6. }
  7. }
  8. ```

Release script


You can also add npto a custom script in package.json. This can be useful if you want all maintainers of a package to release the same way (Not forgetting to push Git tags, for example). However, you can't use publishas name of your script because it's an npm defined lifecycle hook .

  1. ``` json
  2. {
  3. "name": "my-awesome-package",
  4. "scripts": {
  5.   "release": "np"
  6. },
  7. "devDependencies": {
  8.   "np": "*"
  9. }
  10. }
  11. ```

User-defined tests


If you want to run a user-defined test script before publishing instead of the normal npm testor yarn test, you can use --test-scriptflag or the testScriptconfig. This can be useful when your normal test script is running with a --watchflag or in case you want to run some specific tests (maybe on the packaged files) before publishing.

For example, np --test-script=publish-testwould run the publish-testscript instead of the default test.

  1. ``` json
  2. {
  3. "name": "my-awesome-package",
  4. "scripts": {
  5.   "test": "ava --watch",
  6.   "publish-test": "ava"
  7. },
  8. "devDependencies": {
  9.   "np": "*"
  10. }
  11. }
  12. ```

Signed Git tag


Set the sign-git-tag npm config to have the Git tag signed:

  1. ``` null
  2. $ npm config set sign-git-tag true

  4. ```

Or set the version-sign-git-tag Yarn config:

  1. ``` null
  2. $ yarn config set version-sign-git-tag true

  4. ```

Private packages


undefined

You can use npfor packages that aren't publicly published to npm (perhaps installed from a private git repo).

Set "private": truein your package.jsonand the publishing step will be skipped. All other steps including versioning and pushing tags will still be completed.

Public scoped packages


To publish scoped packages to the public registry, you need to set the access level to public. You can do that by adding the following to your package.json:

  1. ``` json
  2. "publishConfig": {
  3. "access": "public"
  4. }
  5. ```

Private Org-scoped packages


To publish a private Org-scoped package , you need to set the access level to restricted. You can do that by adding the following to your package.json:

  1. ``` json
  2. "publishConfig": {
  3. "access": "restricted"
  4. }
  5. ```

Publish to a custom registry


Set the registry option in package.json to the URL of your registry:

  1. ``` json
  2. "publishConfig": {
  3. "registry": "https://my-internal-registry.local"
  4. }
  5. ```

Publish with a CI


If you use a Continuous Integration server to publish your tagged commits, use the --no-publishflag to skip the publishing step of np.

Publish to gh-pages


To publish to gh-pages(or any other branch that serves your static assets), install branchsite , an np-like CLI tool aimed to complement np, and create an npm "post" hook that runs after np.

  1. ``` null
  2. $ npm install --save-dev branchsite

  4. ```

  1. ``` json
  2. "scripts": {
  3. "deploy": "np",
  4. "postdeploy": "bs"
  5. }
  6. ```

Initial version


For new packages, start the versionfield in package.json at 0.0.0and let npbump it to 1.0.0or 0.1.0when publishing.

Release an update to an old major version


To release a minor/patch version for an old major version, create a branch from the major version's git tag and run np:

  1. ``` session
  2. $ git checkout -b fix-old-bug v1.0.0 # Where 1.0.0 is the previous major version
  3. # Create some commits
  4. $ git push --set-upstream origin HEAD
  5. $ np patch --any-branch --tag=v1
  6. ```

The prerequisite step runs forever on macOS


If you're using macOS Sierra 10.12.2 or later, your SSH key passphrase is no longer stored into the keychain by default. This may cause the prerequisitestep to run forever because it prompts for your passphrase in the background. To fix this, add the following lines to your ~/.ssh/configand run a simple Git command like git fetch.

  1. ``` null
  2. Host *
  3. AddKeysToAgent yes
  4. UseKeychain yes

  6. ```

If you're running into other issues when using SSH, please consult GitHub's support article .

Ignore strategy


The ignore strategy , either maintained in the files-property in package.jsonor in .npmignore, is meant to help reduce the package size. To avoid broken packages caused by essential files being accidentally ignored, npprints out all the new and unpublished files added to Git. Test files and other common files that are never published are not considered. npassumes either a standard directory layout or a customized layout represented in the directoriesproperty in package.json.

FAQ


I get an error when publishing my package through Yarn


If you get an error like this…

  1. ``` shell
  2. Prerequisite check
  3. Ping npm registry
  4. Check npm version
  5. Check yarn version
  6. Verify user is authenticated

  8. npm ERR! code E403
  9. npm ERR! 403 Forbidden - GET https://registry.yarnpkg.com/-/package/my-awesome-package/collaborators?format=cli - Forbidden
  10. ```

…please check whether the command npm access ls-collaborators my-awesome-packagesucceeds. If it doesn't, Yarn has overwritten your registry URL. To fix this, add the correct registry URL to package.json:

  1. ``` json
  2. "publishConfig": {
  3. "registry": "https://registry.npmjs.org"
  4. }
  5. ```

Maintainers


Sindre Sorhus
Sam Verschueren
Itai Steinherz