fix(publish): skip workspace packages marked private on publish (#7564)

milaninfy · web-flow · commit e4c7a410f590 · 2024-05-29T07:29:14.000-07:00
`npm publish --workspaces` will skip workspace packages marked as private in package.json. Currently it's skipping those packages only when you have configured auth for those packages, it would error out with `ENEEDAUTH` if it doesn't find the valid auth information. this fix checks for the private property before checking for auth for the packages that will essentially not going to get published. Fixes #7199
diff --git a/lib/commands/publish.js b/lib/commands/publish.js
@@ -127,6 +127,15 @@ class Publish extends BaseCommand {
     const noCreds = !(creds.token || creds.username || creds.certfile && creds.keyfile)
     const outputRegistry = replaceInfo(registry)
 
+    // if a workspace package is marked private then we skip it
+    if (workspace && manifest.private) {
+      throw Object.assign(
+        new Error(`This package has been marked as private
+  Remove the 'private' field from the package.json to publish it.`),
+        { code: 'EPRIVATE' }
+      )
+    }
+
     if (noCreds) {
       const msg = `This command requires you to be logged in to ${outputRegistry}`
       if (dryRun) {
diff --git a/tap-snapshots/test/lib/commands/publish.js.test.cjs b/tap-snapshots/test/lib/commands/publish.js.test.cjs
@@ -418,6 +418,10 @@ Array [
 ]
 `
 
+exports[`test/lib/commands/publish.js TAP workspaces all workspaces - some marked private > one marked private 1`] = `
++ workspace-a@1.2.3-a
+`
+
 exports[`test/lib/commands/publish.js TAP workspaces json > all workspaces in json 1`] = `
 {
   "workspace-a": {
diff --git a/test/lib/commands/publish.js b/test/lib/commands/publish.js
@@ -617,6 +617,48 @@ t.test('workspaces', t => {
     await t.rejects(npm.exec('publish', []), { code: 'E404' })
   })
 
+  t.test('all workspaces - some marked private', async t => {
+    const testDir = {
+      'package.json': JSON.stringify(
+        {
+          ...pkgJson,
+          workspaces: ['workspace-a', 'workspace-p'],
+        }, null, 2),
+      'workspace-a': {
+        'package.json': JSON.stringify({
+          name: 'workspace-a',
+          version: '1.2.3-a',
+        }),
+      },
+      'workspace-p': {
+        'package.json': JSON.stringify({
+          name: '@scoped/workspace-p',
+          private: true,
+          version: '1.2.3-p-scoped',
+        }),
+      },
+    }
+
+    const { npm, joinedOutput } = await loadMockNpm(t, {
+      config: {
+        ...auth,
+        workspaces: true,
+      },
+      prefixDir: testDir,
+    })
+    const registry = new MockRegistry({
+      tap: t,
+      registry: npm.config.get('registry'),
+      authorization: token,
+    })
+    registry.nock
+      .put('/workspace-a', body => {
+        return t.match(body, { name: 'workspace-a' })
+      }).reply(200, {})
+    await npm.exec('publish', [])
+    t.matchSnapshot(joinedOutput(), 'one marked private')
+  })
+
   t.test('invalid workspace', async t => {
     const { npm } = await loadMockNpm(t, {
       config: {

Original file line number	Diff line number	Diff line change
`@@ -418,6 +418,10 @@ Array [`
`418`	`418`	`]`
`419`	`419`	`
`420`	`420`
	`421`	+exports[`test/lib/commands/publish.js TAP workspaces all workspaces - some marked private > one marked private 1`] = `
	`422`	`++ workspace-a@1.2.3-a`
	`423`	+`
	`424`	`+`
`421`	`425`	exports[`test/lib/commands/publish.js TAP workspaces json > all workspaces in json 1`] = `
`422`	`426`	`{`
`423`	`427`	`"workspace-a": {`