@semantic-release/npm
Advanced tools
Comparing version 2.2.0 to 2.3.0
23
index.js
@@ -0,1 +1,2 @@ | ||
| const {castArray} = require('lodash'); | ||
| const setLegacyToken = require('./lib/set-legacy-token'); | ||
@@ -9,6 +10,18 @@ const getPkg = require('./lib/get-pkg'); | ||
| async function verifyConditions(pluginConfig, {logger}) { | ||
| async function verifyConditions(pluginConfig, {options, logger}) { | ||
| // If the npm publish plugin is used and has `npmPublish` or `tarballDir` configured, validate them now in order to prevent any release if the configuration is wrong | ||
| if (options.publish) { | ||
| const publishPlugin = castArray(options.publish).find( | ||
| config => config.path && config.path === '@semantic-release/npm' | ||
| ); | ||
| if (publishPlugin && publishPlugin.npmPublish) { | ||
| pluginConfig.npmPublish = publishPlugin.npmPublish; | ||
| } | ||
| if (publishPlugin && publishPlugin.tarballDir) { | ||
| pluginConfig.tarballDir = publishPlugin.tarballDir; | ||
| } | ||
| } | ||
| setLegacyToken(); | ||
| const pkg = await getPkg(); | ||
| await verifyNpm(pkg, logger); | ||
| await verifyNpm(pluginConfig, pkg, logger); | ||
| verified = true; | ||
@@ -22,3 +35,3 @@ } | ||
| if (!verified) { | ||
| await verifyNpm(pkg, logger); | ||
| await verifyNpm(pluginConfig, pkg, logger); | ||
| verified = true; | ||
@@ -34,8 +47,8 @@ } | ||
| if (!verified) { | ||
| await verifyNpm(pkg, logger); | ||
| await verifyNpm(pluginConfig, pkg, logger); | ||
| verified = true; | ||
| } | ||
| await publishNpm(pkg, version, logger); | ||
| await publishNpm(pluginConfig, pkg, version, logger); | ||
| } | ||
| module.exports = {verifyConditions, getLastRelease, publish}; |
@@ -0,1 +1,3 @@ | ||
| const path = require('path'); | ||
| const {move} = require('fs-extra'); | ||
| const execa = require('execa'); | ||
@@ -5,9 +7,17 @@ const getRegistry = require('./get-registry'); | ||
| module.exports = async ({publishConfig, name}, version, logger) => { | ||
| module.exports = async ({npmPublish, tarballDir}, {publishConfig, name}, version, logger) => { | ||
| const registry = await getRegistry(publishConfig, name); | ||
| await updatePackageVersion(version, logger); | ||
| logger.log('Publishing version %s to npm registry', version); | ||
| const shell = await execa('npm', ['publish', '--registry', registry]); | ||
| process.stdout.write(shell.stdout); | ||
| if (tarballDir) { | ||
| logger.log('Creating npm package version %s', version); | ||
| const tarball = await execa.stdout('npm', ['pack']); | ||
| await move(tarball, path.join(tarballDir.trim(), tarball)); | ||
| } | ||
| if (npmPublish !== false) { | ||
| logger.log('Publishing version %s to npm registry', version); | ||
| const shell = await execa('npm', ['publish', '--registry', registry]); | ||
| process.stdout.write(shell.stdout); | ||
| } | ||
| }; |
@@ -0,1 +1,2 @@ | ||
| const {isString, isUndefined, isBoolean} = require('lodash'); | ||
| const execa = require('execa'); | ||
@@ -6,3 +7,11 @@ const SemanticReleaseError = require('@semantic-release/error'); | ||
| module.exports = async (pkg, logger) => { | ||
| module.exports = async ({npmPublish, tarballDir}, pkg, logger) => { | ||
| if (!isUndefined(npmPublish) && !isBoolean(npmPublish)) { | ||
| throw new SemanticReleaseError('The "npmPublish" options, if defined, must be a Boolean.', 'EINVALIDNPMPUBLISH'); | ||
| } | ||
| if (!isUndefined(tarballDir) && !isString(tarballDir)) { | ||
| throw new SemanticReleaseError('The "tarballDir" options, if defined, must be a String.', 'EINVALIDTARBALLDIR'); | ||
| } | ||
| const registry = await getRegistry(pkg.publishConfig, pkg.name); | ||
@@ -9,0 +18,0 @@ await setNpmrcAuth(registry, logger); |
@@ -1,1 +0,1 @@ | ||
| {"name":"@semantic-release/npm","description":"Set of semantic-release plugins to publish to a npm registry","version":"2.2.0","author":"Pierre Vanduynslager (https://twitter.com/@pvdlg_)","bugs":{"url":"https://github.com/semantic-release/npm/issues"},"config":{"commitizen":{"path":"cz-conventional-changelog"}},"contributors":["Stephan Bönnemann <stephan@boennemann.me> (http://boennemann.me)","Gregor Martynus (https://twitter.com/gr2m)"],"dependencies":{"@semantic-release/error":"^2.1.0","execa":"^0.8.0","fs-extra":"^4.0.2","nerf-dart":"^1.0.0","npm-conf":"^1.1.3","npm-registry-client":"^8.5.0","read-pkg-up":"^3.0.0","registry-auth-token":"^3.3.1"},"devDependencies":{"ava":"^0.24.0","clear-module":"^2.1.0","codecov":"^3.0.0","commitizen":"^2.9.6","cz-conventional-changelog":"^2.0.0","dockerode":"^2.5.3","eslint-config-prettier":"^2.5.0","eslint-plugin-prettier":"^2.3.0","get-stream":"^3.0.0","got":"^8.0.0","nock":"^9.1.0","nyc":"^11.2.1","p-retry":"^1.0.0","prettier":"~1.8.2","semantic-release":"^10.0.0","sinon":"^4.1.2","tempy":"^0.2.1","xo":"^0.18.2"},"engines":{"node":">=4"},"files":["lib","index.js"],"homepage":"https://github.com/semantic-release/npm#readme","keywords":["npm","publish","registry","semantic-release","version"],"license":"MIT","main":"index.js","nyc":{"include":["lib/**/*.js","index.js"],"reporter":["json","text","html"],"all":true},"prettier":{"printWidth":120,"singleQuote":true,"bracketSpacing":false,"trailingComma":"es5"},"publishConfig":{"access":"public"},"repository":{"type":"git","url":"https://github.com/semantic-release/npm.git"},"scripts":{"cm":"git-cz","codecov":"codecov -f coverage/coverage-final.json","lint":"xo","pretest":"npm run lint","semantic-release":"semantic-release","test":"nyc ava -v"},"xo":{"extends":["prettier"],"plugins":["prettier"],"rules":{"prettier/prettier":2}}} | ||
| {"name":"@semantic-release/npm","description":"Set of semantic-release plugins to publish to a npm registry","version":"2.3.0","author":"Pierre Vanduynslager (https://twitter.com/@pvdlg_)","bugs":{"url":"https://github.com/semantic-release/npm/issues"},"config":{"commitizen":{"path":"cz-conventional-changelog"}},"contributors":["Stephan Bönnemann <stephan@boennemann.me> (http://boennemann.me)","Gregor Martynus (https://twitter.com/gr2m)"],"dependencies":{"@semantic-release/error":"^2.1.0","execa":"^0.8.0","fs-extra":"^4.0.2","lodash":"^4.17.4","nerf-dart":"^1.0.0","npm-conf":"^1.1.3","npm-registry-client":"^8.5.0","read-pkg-up":"^3.0.0","registry-auth-token":"^3.3.1"},"devDependencies":{"ava":"^0.24.0","clear-module":"^2.1.0","codecov":"^3.0.0","commitizen":"^2.9.6","cz-conventional-changelog":"^2.0.0","dockerode":"^2.5.3","eslint-config-prettier":"^2.5.0","eslint-plugin-prettier":"^2.3.0","get-stream":"^3.0.0","got":"^8.0.0","nock":"^9.1.0","nyc":"^11.2.1","p-retry":"^1.0.0","prettier":"~1.8.2","semantic-release":"^10.0.0","sinon":"^4.1.2","tempy":"^0.2.1","xo":"^0.18.2"},"engines":{"node":">=4"},"files":["lib","index.js"],"homepage":"https://github.com/semantic-release/npm#readme","keywords":["npm","publish","registry","semantic-release","version"],"license":"MIT","main":"index.js","nyc":{"include":["lib/**/*.js","index.js"],"reporter":["json","text","html"],"all":true},"prettier":{"printWidth":120,"singleQuote":true,"bracketSpacing":false,"trailingComma":"es5"},"publishConfig":{"access":"public"},"repository":{"type":"git","url":"https://github.com/semantic-release/npm.git"},"scripts":{"cm":"git-cz","codecov":"codecov -f coverage/coverage-final.json","lint":"xo","pretest":"npm run lint","semantic-release":"semantic-release","test":"nyc ava -v"},"xo":{"extends":["prettier"],"plugins":["prettier"],"rules":{"prettier/prettier":2}}} |
@@ -19,13 +19,15 @@ # @semantic-release/npm | ||
| Publish the package on the `npm` registry. | ||
| Update the `package.json` version, [create](https://docs.npmjs.com/cli/pack) the `npm` package tarball and [publish](https://docs.npmjs.com/cli/publish) to the `npm` registry. | ||
| ## Configuration | ||
| ### Environment variables | ||
| ### Npm registry authentication | ||
| The `npm` authentication configuration is **required** and can be set via environment variables. | ||
| The `npm` authentication configuration is **required** and can be set via [environment variables](#environment-variables). | ||
| Both the [token](https://docs.npmjs.com/getting-started/working_with_tokens) and the legacy (`username`, `password` and `email`) authentication are supported. It is recommended to use the [token](https://docs.npmjs.com/getting-started/working_with_tokens) authentication. The legacy authentication is supported as the alternative npm registries [Artifactory](https://www.jfrog.com/open-source/#os-arti) and [npm-registry-couchapp](https://github.com/npm/npm-registry-couchapp) only supports that form of authentication at this point. | ||
| | Variable | Description | ||
| ### Environment variables | ||
| | Variable | Description | | ||
| | -------------- | ----------------------------------------------------------------------------------------------------------------------------- | | ||
@@ -41,2 +43,9 @@ | `NPM_TOKEN` | Npm token created via [npm token create](https://docs.npmjs.com/getting-started/working_with_tokens#how-to-create-new-tokens) | | ||
| | Options | Description | Default | | ||
| | ------------ | ---------------------------------------------------------------------------------------------------------------------- | ------- | | ||
| | `npmPublish` | Whether to publish the `npm` package to the registry. If `false` the `package.json` version will still be updated. | `true` | | ||
| | `tarballDir` | Directory path in which to generate the the package tarball. If `false` the tarball is not be kept on the file system. | `false` | | ||
| ### Npm configuration | ||
| The plugins are based on `npm` and will use the configuration from [`.npmrc`](https://docs.npmjs.com/files/npmrc). See [npm config](https://docs.npmjs.com/misc/config) for the option list. | ||
@@ -59,2 +68,3 @@ | ||
| Each individual plugin can be disabled, replaced or used with other plugins in the `package.json`: | ||
| ```json | ||
@@ -69,1 +79,23 @@ { | ||
| ``` | ||
| The `npmPublish` and `tarballDir` option can be used to skip the publishing to the `npm` registry and instead, release the package tarball with another plugin. For example with the [github](https://github.com/semantic-release/github): | ||
| ```json | ||
| { | ||
| "release": { | ||
| "verifyConditions": ["@semantic-release/conditions-travis", "@semantic-release/npm", "@semantic-release/git", "@semantic-release/github"], | ||
| "getLastRelease": "@semantic-release/git", | ||
| "publish": [ | ||
| { | ||
| "path": "@semantic-release/npm", | ||
| "npmPublish": false, | ||
| "tarballDir": "dist" | ||
| }, | ||
| { | ||
| "path": "@semantic-release/github", | ||
| "assets": "dist/*.tgz" | ||
| }, | ||
| ] | ||
| } | ||
| } | ||
| ``` |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by22.47%
16638
- Lines of code
- increased by16.48%
205
- Number of lines in readme file
- increased by48.48%
98
Worsened metrics
- Dependency count
- increased by12.5%
9
- Number of low supply chain risk alerts
- increased by25%
5
Dependency changes
+ Addedlodash@^4.17.4
+ Addedlodash@4.17.21(transitive)