Why is .npmrc
searched for a Github token?
Also, why isn't process.env.NPM_TOKEN
checked for, like GH_TOKEN
is?
Could auto-release
inject $NPM_TOKEN
into .npmrc
for the user? (potentially useful in CI builds)
This is a GitHub enterprise thing. @adierkens can tell you more as I haven't encountered it.
Could auto-release inject $NPM_TOKEN into .npmrc for the user? (potentially useful in CI builds)
I like this. it should be do-able
This feature should probably only be enable on the CI. If it were to run locally you might accidentally commit the token.
Would this package get accomplish the desired behavior you're looking for?
https://www.npmjs.com/package/@hutson/set-npm-auth-token-for-ci
Sure, but a look at the source code reveals a very basic implementation, so it would be better to include it in auto-release
than to force the user to install another dependency.
It seems like it does what it does quite well though:
This is a bunch of functionality that if we wanted to cover all the use cases, we would have to code all of the above as well (or at least use the same packages).
In a few other cases we do the same thing as well. We defer to parse-author to parse the git author correctly and parse-github-url for the github URL. So it wouldn't be a stretch to use a package to do this.
I also like depending on packages like these so there is less code duplication in the world. Any by using this package and finding problems with it we can solve problems for future devs too!
My main issue with the package is how they also ship the CLI with the API. For that I have opened an issue here
In the meantime, we should fork the package (and maybe even open a PR). 😁
Yeah I plan on making a PR! Just want to know what the author would like. But the best path for that package is probably to do both: make a monorepo and use a smaller CLI library
The maintainer already implemented this! https://gitlab.com/hyper-expanse/open-source/set-npm-auth-token-for-ci/issues/2