Basically the thing is I'm working on a project that uses grunt for build tasks and as I have a few dependencies here and there I thought it was a good idea to declare those on a package.json so that my co-workers can npm install without being required to manually install every package at the correct version.
Now the thing is, what if someone "accidentally" runs npm publish? Is there a way to have the package.json while keeping my stuff private?
With npm private packages, you can use the npm registry to host code that is only visible to you and chosen collaborators, allowing you to manage and use private code alongside public code in your projects. Private packages always have a scope, and scoped packages are private by default.
json and publish it to npm using the same version. You can't publish again using the same version, or a previous one. You can read more about versioning here. Don't forget to build before publishing.
I found that npm init had automatically added dependencies based on installed packages and that there was no need to run the second command.
Yes, set private to true.
If you set "private": true in your package.json, then npm will refuse to publish it. This is a way to prevent accidental publication of private repositories. If you would like to ensure that a given package is only ever published to a specific registry (for example, an internal registry), then use the publishConfig hash described below to override the registry config param at publish-time.
You can set "private" : true in your package.json file.
Your co-workers will get an error if they try to publish it.
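One way to enforce the two settings described in the answers above from CI or a pre-commit hook, as an added example that is not code from any of the answers: a function that takes a parsed package.json and reports whether an accidental npm publish could reach the public registry. The function name, the verdict labels, the sample manifests and the internal registry URL are all constructed for illustration.

```javascript
// Added example: classify a parsed package.json by where `npm publish` could send it.
// registry.npmjs.org is npm's default public registry.
const PUBLIC_REGISTRY_HOST = "registry.npmjs.org";

function publishExposure(manifest) {
  // Policy of this guard (an assumption of the example): only the literal
  // boolean true counts, so a typo such as "private": "yes" is flagged.
  if (manifest.private === true) {
    return { verdict: "blocked", reason: '"private": true, npm refuses to publish' };
  }
  const registry = manifest.publishConfig && manifest.publishConfig.registry;
  if (typeof registry === "string") {
    let host;
    try {
      host = new URL(registry).hostname;
    } catch {
      return { verdict: "at-risk", reason: "publishConfig.registry is not a valid URL" };
    }
    if (host !== PUBLIC_REGISTRY_HOST) {
      return { verdict: "pinned", reason: `publishConfig.registry points at ${host}` };
    }
  }
  return { verdict: "at-risk", reason: 'no boolean "private": true and no non-public registry pin' };
}

// Constructed sample manifests (not taken from the page).
const samples = [
  { name: "grunt-build", version: "1.0.0", private: true },
  { name: "grunt-build", version: "1.0.0", private: false },
  { name: "grunt-build", version: "1.0.0",
    publishConfig: { registry: "https://npm.internal.example/" } },
  { name: "grunt-build", version: "1.0.0",
    publishConfig: { registry: "https://registry.npmjs.org/" } },
  { name: "grunt-build", version: "1.0.0", publishConfig: { registry: "not a url" } },
];

for (const manifest of samples) {
  const { verdict, reason } = publishExposure(manifest);
  console.log(`${verdict.padEnd(8)} ${reason}`);
}
```

In a real hook, pass the result of JSON.parse on the project's package.json and fail the job on an "at-risk" verdict.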