npm-publish(1)

1NPM-PUBLISH(1)                                                  NPM-PUBLISH(1)
2
3
4

NAME

6       npm-publish - Publish a package
7
8   Synopsis
9         npm publish <package-spec>
10
11   Description
12       Publishes  a  package  to  the  registry so that it can be installed by
13       name.
14
15       By default npm will publish to the public registry. This can  be  over‐
16       ridden  by  specifying a different default registry or using a npm help
17       scope in the name, combined with a scope-configured registry (see pack‐
18       age.json ⟨/configuring-npm/package-json⟩).
19
20       A  package  is interpreted the same way as other commands (like npm in‐
21       stall and can be:
22
23       •   a) a folder containing a program described by a package.json ⟨/con‐
24           figuring-npm/package-json⟩ file
25
26       •   b) a gzipped tarball containing (a)
27
28       •   c) a url that resolves to (b)
29
30       •   d)  a  <name>@<version>  that is published on the registry (see npm
31           help registry) with (c)
32
33       •   e) a <name>@<tag> (see npm help dist-tag) that points to (d)
34
35       •   f) a <name> that has a "latest" tag satisfying (e)
36
37       •   g) a <git remote url> that resolves to (a)
38
39
40       The publish will fail if the package name and version  combination  al‐
41       ready exists in the specified registry.
42
43       Once  a  package  is published with a given name and version, that spe‐
44       cific name and version combination can never be used again, even if  it
45       is removed with npm help unpublish.
46
47       As  of npm@5, both a sha1sum and an integrity field with a sha512sum of
48       the tarball will be submitted to the registry during publication.  Sub‐
49       sequent  installs  will use the strongest supported algorithm to verify
50       downloads.
51
52       Similar to --dry-run see npm help pack, which figures out the files  to
53       be  included  and  packs them into a tarball to be uploaded to the reg‐
54       istry.
55
56   Files included in package
57       To see what will be included in your package, run npm  pack  --dry-run.
58       All files are included by default, with the following exceptions:
59
60       •   Certain files that are relevant to package installation and distri‐
61           bution are always included. For example,  package.json,  README.md,
62           LICENSE, and so on.
63
64       •   If  there is a "files" list in package.json ⟨/configuring-npm/pack‐
65           age-json⟩, then only the files specified will be included. (If  di‐
66           rectories  are  specified, then they will be walked recursively and
67           their contents included, subject to the same ignore rules.)
68
69       •   If there is a .gitignore or .npmignore file, then ignored files  in
70           that  and  all child directories will be excluded from the package.
71           If both files exist, then the .gitignore is ignored, and  only  the
72           .npmignore is used.
73
74       .npmignore   files   follow   the   same  pattern  rules  ⟨https://git-
75       scm.com/book/en/v2/Git-Basics-Recording-Changes-to-the-Repository#_ig‐
76       noring⟩ as .gitignore files
77
78       •   If  the  file  matches  certain patterns, then it will never be in‐
79           cluded, unless explicitly  added  to  the  "files"  list  in  pack‐
80           age.json, or un-ignored with a ! rule in a .npmignore or .gitignore
81           file.
82
83       •   Symbolic links are never included in npm packages.
84
85
86       See npm help developers for full details on what's included in the pub‐
87       lished package, as well as details on how the package is built.
88
89   Configuration
90   tag
91       •   Default: "latest"
92
93       •   Type: String
94
95
96       If  you  ask npm to install a package and don't tell it a specific ver‐
97       sion, then it will install the specified tag.
98
99       Also the tag that is added to the package@version specified by the  npm
100       tag command, if no explicit tag is given.
101
102       When  used  by  the npm diff command, this is the tag used to fetch the
103       tarball that will be compared with the local files by default.
104
105   access
106       •   Default: 'public' for new packages, existing packages it  will  not
107           change the current level
108
109       •   Type: null, "restricted", or "public"
110
111
112       If you do not want your scoped package to be publicly viewable (and in‐
113       stallable) set --access=restricted.
114
115       Unscoped packages can not be set to restricted.
116
117       Note: This defaults to not changing the current access level for exist‐
118       ing packages. Specifying a value of restricted or public during publish
119       will change the access for an existing package the same  way  that  npm
120       access set status would.
121
122   dry-run
123       •   Default: false
124
125       •   Type: Boolean
126
127
128       Indicates  that  you  don't  want  npm  to make any changes and that it
129       should only report what it would have done. This can be passed into any
130       of  the  commands that modify your local installation, eg, install, up‐
131       date, dedupe, uninstall, as well as pack and publish.
132
133       Note: This is NOT honored by other network related commands,  eg  dist-
134       tags, owner, etc.
135
136   otp
137       •   Default: null
138
139       •   Type: null or String
140
141
142       This  is  a  one-time  password  from  a two-factor authenticator. It's
143       needed when publishing or changing package permissions with npm access.
144
145       If not set, and a registry response fails with a challenge for  a  one-
146       time password, npm will prompt on the command line for one.
147
148   workspace
149       •   Default:
150
151       •   Type: String (can be set multiple times)
152
153
154       Enable running a command in the context of the configured workspaces of
155       the current project while filtering by running only the workspaces  de‐
156       fined by this configuration option.
157
158       Valid values for the workspace config are either:
159
160       •   Workspace names
161
162       •   Path to a workspace directory
163
164       •   Path  to a parent workspace directory (will result in selecting all
165           workspaces within that folder)
166
167
168       When set for the npm init command, this may be set to the folder  of  a
169       workspace  which does not yet exist, to create the folder and set it up
170       as a brand new workspace within the project.
171
172       This value is not exported to the environment for child processes.
173
174   workspaces
175       •   Default: null
176
177       •   Type: null or Boolean
178
179
180       Set to true to run  the  command  in  the  context  of  all  configured
181       workspaces.
182
183       Explicitly  setting  this  to false will cause commands like install to
184       ignore workspaces altogether. When not set explicitly:
185
186       •   Commands that operate on the node_modules  tree  (install,  update,
187           etc.) will link workspaces into the node_modules folder. - Commands
188           that do other things (test, exec, publish, etc.)  will  operate  on
189           the  root  project,  unless one or more workspaces are specified in
190           the workspace config.
191
192
193       This value is not exported to the environment for child processes.
194
195   include-workspace-root
196       •   Default: false
197
198       •   Type: Boolean
199
200
201       Include the workspace root when workspaces are enabled for a command.
202
203       When false, specifying individual workspaces via the workspace  config,
204       or  all  workspaces  via the workspaces flag, will cause npm to operate
205       only on the specified workspaces, and not on the root project.
206
207       This value is not exported to the environment for child processes.
208
209   provenance
210       •   Default: false
211
212       •   Type: Boolean
213
214
215       When publishing from a supported cloud CI/CD system, the  package  will
216       be publicly linked to where it was built and published from.
217
218       This config can not be used with: provenance-file
219
220   provenance-file
221       •   Default: null
222
223       •   Type: Path
224
225
226       When publishing, the provenance bundle at the given path will be used.
227
228       This config can not be used with: provenance
229
230   See Also
231       •   npm help "package spec"
232
233       •   npm-packlist package ⟨http://npm.im/npm-packlist⟩
234
235       •   npm help registry
236
237       •   npm help scope
238
239       •   npm help adduser
240
241       •   npm help owner
242
243       •   npm help deprecate
244
245       •   npm help dist-tag
246
247       •   npm help pack
248
249       •   npm help profile
250
251
252
253                                 November 2023                  NPM-PUBLISH(1)