Don't attempt to npm publish if package flagged as private in package.json

[unkillbob]

Fixes #65

We have a bunch of packages that are installed out of private git repos and attempting to use np fails at the second last step as npm publish exits with an error when the package.json specifies private: true.

This pull request makes the change to simply skip the publish step if the package is flagged as private. I wasn't sure whether you'd want this mentioned in the readme or not - let me know if I should update it.

np is really awesome and exactly what we needed, I hope we can get this small change in to adapt it for our use case!

[SamVerschueren]

np is all about publishing a module. Shouldn't this just be a prerequisite check and exit early? Just wondering.

[SamVerschueren]

Use the load-json-file package here

[unkillbob]

np is all about publishing a module. Shouldn't this just be a prerequisite check and exit early?

We still "publish" these modules (we install them from the tag produced by npm version) so need all the other aspects of np (clean, npm install, version bump, push tags, etc).

[jamestalmage]

I think this makes sense.

However, you should use read-pkg-up instead.

Also, it should very clearly state that the publish step was skipped, and why.

private package: publishing skipped

Is it possible to publish private packages on npm if they are namespaced and you have a paid account? If so we may need to add extra logic for that.

[unkillbob]

Is it possible to publish private packages on npm if they are namespaced and you have a paid account?

Reading the docs (https://docs.npmjs.com/files/package.json#private) it doesn't look like it. The purpose of private:true is to prevent accidental publishing. If you simply want to change where your package is published to you configure the publishConfig instead.

[jamestalmage]

Yeah, this makes sense then. If private:true, then npm publish will always fail. Relying on git tagging just makes sense then.

As stated - use read-pkg-up, and provide a good message when private mode is encountered. Otherwise 👍

[unkillbob]

provide a good message when private mode is encountered

Not really sure how to accomplish this with Listr - are you able to point me in the right direction?

I tried resolving the 'publish' task's promise to the message, I tried exec'ing an echo with the message and I tried a console.log - all happen so fast you don't even see it.

[jamestalmage]

See SamVerschueren/listr#15 and SamVerschueren/listr#16

[unkillbob]

@jamestalmage yes that's exactly what I need, thanks for raising those issues! In the meantime I've addressed all your other feedback - hopefully this can go ahead without the official skip warning?

[sindresorhus]

I would use readPkgUp.sync() here. No real benefit of using async fs here as these tasks are done serially.

[sindresorhus]

hopefully this can go ahead without the official skip warning?

Sure, just open an issue with the remaining work so we don't forget.

[sindresorhus]

Looks great. Could you add a note to the readme about the behavior? This might be useful for other people to, but I don't think they would realize it's possible without some kind of indication.

[unkillbob]

Skipping tasks is hopefully not too far away (SamVerschueren/listr#17), happy to hold out for that - this isn't super urgent for us.

[jamestalmage]

Skipping tasks is hopefully not too far away (SamVerschueren/listr#17), happy to hold out for that

We can follow up once that lands.

Great work. Thanks!

[sindresorhus]

Excellent work on this @unkillbob :) Cheers.