See #1 for the initial implementation.
semantic-release plugin to publish an npm package to GitHub’s npm registry.
Step | Description |
---|---|
verifyConditions |
Verify the presence of the GITHUB_TOKEN environment variable, create or update the .npmrc file with GitHub’s npm registry URL, the token and verify the token is valid. |
prepare |
Update the package.json version and create the npm package tarball. |
publish |
Publish the npm package to GitHub’s npm registry. |
$ npm install @semantic-release/github-npm-registry -D
The plugin can be configured in the semantic-release configuration file:
{
"plugins": ["@semantic-release/commit-analyzer", "@semantic-release/release-notes-generator", "@semantic-release/npm"]
}
The npm authentication configuration is required and can be set via environment variables.
Both the token and the legacy (username
, password
and email
) authentication are supported. It is recommended to use the token authentication. The legacy authentication is supported as the alternative npm registries Artifactory and npm-registry-couchapp only supports that form of authentication.
Note: Only the auth-only
level of npm two-factor authentication is supported, semantic-release will not work with the default auth-and-writes
level.
Variable | Description |
---|---|
NPM_TOKEN |
Npm token created via npm token create |
NPM_USERNAME |
Npm username created via npm adduser or on npmjs.com |
NPM_PASSWORD |
Password of the npm user. |
NPM_EMAIL |
Email address associated with the npm user |
Use either NPM_TOKEN
for token authentication or NPM_USERNAME
, NPM_PASSWORD
and NPM_EMAIL
for legacy authentication
Options | Description | Default |
---|---|---|
npmPublish |
Whether to publish the npm package to the registry. If false the package.json version will still be updated. |
false if the package.json private property is true , true otherwise. |
pkgRoot |
Directory path to publish. | . |
tarballDir |
Directory path in which to write the the package tarball. If false the tarball is not be kept on the file system. |
false |
Note: The pkgRoot
directory must contain a package.json
. The version will be updated only in the package.json
and npm-shrinkwrap.json
within the pkgRoot
directory.
Note: If you use a shareable configuration that defines one of these options you can set it to false
in your semantic-release configuration in order to use the default value.
The plugin uses the npm
CLI which will read the configuration from .npmrc
. See npm config
for the option list.
The dist-tag
can be configured in the package.json
and will take precedence over the configuration in .npmrc
:
{
"publishConfig": {
"tag": "latest"
}
}
The registry
setting will be ignored. It is hardcoded to https://npm.pkg.github.com
.
The npmPublish
and tarballDir
option can be used to skip the publishing to the npm
registry and instead, release the package tarball with another plugin. For example with the @semantic-release/github plugin:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
[
"@semantic-release/npm",
{
"npmPublish": false,
"tarballDir": "dist"
}
],
[
"@semantic-release/github",
{
"assets": "dist/*.tgz"
}
]
]
}
When publishing from a sub-directory with the pkgRoot
option, the package.json
and npm-shrinkwrap.json
updated with the new version can be moved to another directory with a postpublish
npm script. For example with the @semantic-release/git plugin:
{
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
[
"@semantic-release/npm",
{
"pkgRoot": "dist"
}
],
[
"@semantic-release/git",
{
"assets": ["package.json", "npm-shrinkwrap.json"]
}
]
]
}
{
"scripts": {
"postpublish": "cp -r dist/package.json . && cp -r dist/npm-shrinkwrap.json ."
}
}