Skip to content

Commit df596bf

Browse files
wraithgarruyadorno
wraithgar
authored and
ruyadorno
committed
fix(publish): follow configs for registry auth
The "do you have auth configured" only takes into consideration a hard-coded "registry" config, which means that if you don't have auth configured for the npm registry, but you do for the one you have tied to a scope elsewhere in your npmrc, we would erroneously tell you that to add a token. This uses the same method that the rest of the publish chain uses to determine which registry it would be publishing to, then sees if you have auth for THAT registry. Because that other function does a hard fallback to the npm registry, there is no more need for the exception we throw if you do not have one configured. Also, the npm cli already defaults that config item, so you can't even set it to a falsey value if you wanted
1 parent d443939 commit df596bf

File tree

2 files changed

+145
-75
lines changed

2 files changed

+145
-75
lines changed

lib/publish.js

Lines changed: 18 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ const libpub = require('libnpmpublish').publish
66
const runScript = require('@npmcli/run-script')
77
const pacote = require('pacote')
88
const npa = require('npm-package-arg')
9+
const npmFetch = require('npm-registry-fetch')
910

1011
const npm = require('./npm.js')
1112
const output = require('./utils/output.js')
@@ -71,27 +72,12 @@ const publish_ = async (arg, opts) => {
7172
// you can publish name@version, ./foo.tgz, etc.
7273
// even though the default is the 'file:.' cwd.
7374
const spec = npa(arg)
74-
const manifest = await getManifest(spec, opts)
75+
76+
let manifest = await getManifest(spec, opts)
7577

7678
if (manifest.publishConfig)
7779
Object.assign(opts, publishConfigToOpts(manifest.publishConfig))
7880

79-
const { registry } = opts
80-
if (!registry) {
81-
throw Object.assign(new Error('No registry specified.'), {
82-
code: 'ENOREGISTRY',
83-
})
84-
}
85-
86-
if (!dryRun) {
87-
const creds = npm.config.getCredentialsByURI(registry)
88-
if (!creds.token && !creds.username) {
89-
throw Object.assign(new Error('This command requires you to be logged in.'), {
90-
code: 'ENEEDAUTH',
91-
})
92-
}
93-
}
94-
9581
// only run scripts for directory type publishes
9682
if (spec.type === 'directory') {
9783
await runScript({
@@ -105,18 +91,27 @@ const publish_ = async (arg, opts) => {
10591
const tarballData = await pack(spec, opts)
10692
const pkgContents = await getContents(manifest, tarballData)
10793

94+
// The purpose of re-reading the manifest is in case it changed,
95+
// so that we send the latest and greatest thing to the registry
96+
// note that publishConfig might have changed as well!
97+
manifest = await getManifest(spec, opts)
98+
if (manifest.publishConfig)
99+
Object.assign(opts, publishConfigToOpts(manifest.publishConfig))
100+
108101
// note that logTar calls npmlog.notice(), so if we ARE in silent mode,
109102
// this will do nothing, but we still want it in the debuglog if it fails.
110103
if (!json)
111104
logTar(pkgContents, { log, unicode })
112105

113106
if (!dryRun) {
114-
// The purpose of re-reading the manifest is in case it changed,
115-
// so that we send the latest and greatest thing to the registry
116-
// note that publishConfig might have changed as well!
117-
const manifest = await getManifest(spec, opts)
118-
if (manifest.publishConfig)
119-
Object.assign(opts, publishConfigToOpts(manifest.publishConfig))
107+
const resolved = npa.resolve(manifest.name, manifest.version)
108+
const registry = npmFetch.pickRegistry(resolved, opts)
109+
const creds = npm.config.getCredentialsByURI(registry)
110+
if (!creds.token && !creds.username) {
111+
throw Object.assign(new Error('This command requires you to be logged in.'), {
112+
code: 'ENEEDAUTH',
113+
})
114+
}
120115
await otplease(opts, opts => libpub(manifest, tarballData, opts))
121116
}
122117

0 commit comments

Comments
 (0)