Support for Private/Restricted Repos and Packages #8
Conversation
Jonjoe
changed the title
| exec(`npm publish --access=public`) | ||
| exec(`git checkout package.json`) // cleanup | ||
|
|
||
| let access = '' |
There was a problem hiding this comment.
This can be more easily written as const access = process.env.NPM_PRIVATE ? ‘restricted’ : ‘public’
| @@ -30,4 +30,5 @@ jobs: | |||
| uses: mikeal/merge-release@master | |||
| env: | |||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |||
| NPM_PRIVATE: false | |||
There was a problem hiding this comment.
Let’s leave this out so that we’re testing the default behavior in our own publishes.
| @@ -9,6 +9,7 @@ you'll need to configured that workflow yourself. You can look to the | |||
| ### Workflow | |||
|
|
|||
| * Check for the latest version number published to npm. | |||
| * If you wish privately publish your package please ensure you have set `NPM_PRIVATE` to `true` | |||
There was a problem hiding this comment.
Go ahead and just add another section at the bottom for features and write up this feature along with an example. This is a great feature and I want to make sure people see the work you’ve done 😁
Ya, I haven’t found a sufficient way to test changes in this library so there’s no expectation that contributions need to include them. I’ve just been augmenting the lack of available testing by spending more time on reviews. |
|
Thanks, man, apologies, I haven't had a chance to sort these changes. Will do them asap. |
|
No worries, there’s no pressure on my end since I don’t need this feature yet 😉 |
We just got badly burnt by the current behaviour of this plugin. Scoped packages, e.g. `@org/package` are restricted by default, e.g. an `npm publish` publishes them privately whilst the default behaviour of npm for a unscoped package is to publish it publicly; e.g. `package` will be release `public` with a simple `npm publish`. This plugin diverts from the default npm behaviour in that it releases all packages, independent of their configuration or the sane npm default, publicly. references mikeal#8 cc @joshua-leyshon-canva
| exec(`git checkout package.json`) // cleanup | ||
|
|
||
| let access = '' | ||
| process.env.NPM_PRIVATE ? access = 'restricted' : 'public' |
Hi!
Loving this repo so thank you for creating it.
Currently this will always push public releases which unfortunately means it cannot be used for private/restricted packages. I've written in some simple support for private/restricted packages by checking against an EnvVar and assigning the access level in the NPM public command.
Its untested as im not actually sure how to develop/test GitHub Actions. However, the logic is super simple so i'm hoping this will be easy to resolve!
I have also added the new EnvVar in the example yml file.
Please let me know if ive missed anything I will be happy to add it in.
Thanks again :)