primers
Although I have published packages before, I have never released my own package, so I tried it with the NPM Developer Guide and got the following results.
- Origin
- My GitHub
403 Forbidden
After registering for the login, the library is ready, and then NPM publish reports the following error:
Error: 403 Forbidden — PUT registry.npmjs.org/xx — You do not have permission to publish «xx». Are you logged in as the correct user?
After checking the information, I found this issue. It turned out that there was already a library with the same name in the public library. Since it is a free account, if you want to distribute packages on NPM, either change the name or pay to create a private package. Another way is to build your own service on the Intranet.
Error: 402 Payment Required
I changed the name and remembered the library I had seen before, so I copied the package with @ prefix and republished it with the following error:
Error: 402 Payment Required — PUT registry.npmjs.org/@xx/xx — You must sign up for private packages
NPM publish: @npm/package-name: @npm/package-name: @npm/package-name: @npm/package-name: @npm/package-name: @npm/package-name: @npm/package-name: @npm/package-name Therefore, the first way is to pay for the services of the private package, and the other way is to specify parameters that represent the public:
npm publish --access public
Copy the codeNote that the package name in this form corresponds to the NPM account and cannot be filled in casually.
npm init [email protected]
Copy the codeThis form represents an organization, and my-org corresponds to the organization name in NPM.
npm init [email protected]
Copy the codeThis form represents a person, and my-username corresponds to the username in NPM.
Disposal of old packages
In the process of trying, some packages were released, thinking they were just test packages and trying to remove them, but NPM officials deprecated this and recommended using the NPM Deprecate directive to inform the installer of relevant information, such as «I no longer maintain this library, please do not use it».
npm deprecate package-name "This is test package, do not use it!"
Copy the codeWhere package-name refers to the name of the published package, which may be different from the name of the library.
The release was successful, but the package could not be found on NPM
In a release, a message indicating that the release was successful was displayed, but the NPM account found no related package.
Repeatedly tried several times to find because their local registry to the Intranet of an address, no point to NPM’s official address at https://registry.npmjs.org/.
So when sending a package, first make sure to release the direction:
NPM config Get Registry or NPM config ListCopy the codeIf the reference is found to be incorrect, there are two ways to change it: Method 1: use NPM config set Registry to change the reference, but this is a global change, and then change it back if you need to publish other reference packages.
Option 2: Add the —registry parameter to the package.json file:
"publishConfig": { "registry": "https://npm.pkg.github.com/" }
Copy the codeWhen logging in, add the corresponding parameters:
npm login --registry=https://registry.npmjs.org/
Copy the codeWhen using the NPM DEPRECate directive, you also need to add the —registry parameter to be valid if the local Registry does not point correctly.
How do I determine whether the NPM account is logged in
Since published packages have different Registry points, logins point to different sources when publishing packages, so you want to see if you are logged in before publishing.
I looked at the documentation and found no specific command for viewing login status, but you can use commands that trigger a login check to see if you are logged in from the side.
It’s easy to think of the NPM login command, but after logging in once, you are prompted for your account and password.
A simple command, NPM whoami, was discovered. This command can only be executed in the login state, and if there is no login, it will prompt:
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using
npm adduser
Note that this directive without the registry parameter points to the NPM default Registry, and if this does not match, it will have no effect.
When there are multiple Registries, it is important to note that many directives require a consistent Registry to be valid.
The resources
- npm help docs
- Creating and publishing scoped public packages
- npm-deprecate
- npm-config
The German philosopher Max Weber divided rationality into two types: value rationality and instrumental rationality.
In short, we’re thinking why make money? What kind of life is happiness? When it comes to this kind of problem, the kind of rationality that we rely on is called value rationality. The reason we use when we consider the purpose of doing something is a value reason.
What is the most effective, energy saving and cost effective way to achieve a goal is instrumental rationality.
Max Weber once put forward that a very important crisis in modern society is that instrumental rationality will overtake value rationality in the whole process of modernization. Simply put, we end up forgetting why we live and why we go to work.
When I saw this, I was really in a daze, which well explains some of the numbness.
I am trying to publish the package using npm publish command. but I am getting this error every time.
npm ERR! code E403
npm ERR! 403 Forbidden - PUT https://registryname - forbidden
I have
"publishConfig": {
"registry": "https://registryname"
}
and in .npmrc
registry=https://registryname
I have tried many solutions but no luck.
Or anyone trying to publish a package (for the first time) and getting the same failure, it could also be because you just created npmjs account, and you haven’t yet verified the account creation through a link that was sent to your email address.
npm ERR! 403 403 Forbidden - PUT https://registry.npmjs.org/mac-info-lib - you must verify your email before publishing a new package: https://www.npmjs.com/email-edit
Do you have an account? You can;
- First check your account using
npm whoami - if you have an account then login, your session might be expired.
npm login. Follow the login prompt. - Then once you are logged in, make sure you are in the right directory, you wont be able to publish if you are not in the directory of the project you are working on.
Be sure to login first to the official link :
https://www.npmjs.com/login
then they will ask for mail verification(A kind of pop up at the header).
After verification npm publish will work.
Note : if still not working change package name
Or just go into your package.json and update the version number.
If your library has a name that is already existed in npm registry. It will give you this error.
npm ERR! code E403
npm ERR! 403 Forbidden - PUT https://registryname - forbidden
Solution:
- If you are publishing your package first time, you need to make sure the name is unique that is not already there.
- If you are publishing or updating new version, then make sure you update the version number in
package.jsonfie.
Comments Section
This was it for me. Thanks!
Login in the web will not impact the «npm» command line.
I am talking about initial Login or Verification of mail. While I was trying to login through cmd it was working but npm publish was not working. So I visited official page and then logged in and verified. After that npm publish started working, could be one solution this way also
Same situacion here. Thanks!
Related Topics
javascript
node.js
npm
npm-publish
Mentions
Halfer
Alex Cory
V K
Johar Zaman
Simo Dlo Mafuxwana
Mykey
Sanjeet Kumar
References
https://stackoverflow.com/questions/61479656/while-publishing-npm-getting-npm-publish-npm-err-403-forbidden-put-https-regi
You do not have permission to publish ‘package-name’
You do not have permission to publish ‘package-name’
When running semantic-release you might encounter the following error:
npm ERR! publish Failed PUT 403
npm ERR! You do not have permission to publish «<package-name>». Are you logged in as the correct user? : <package-name>
It might also happen if the package name you are trying to publish already exists (in the case of npm, you may be trying to publish a new version of a package that is not yours, hence the permission error).
To verify if your package name is available you can use
npm-name-cli
:
$ npm install —global npm-name-cli
$ npm-name <package-name>
If the package name is not available, change it in your package.json or consider using an
npm scope
.
Squashed commits are ignored by semantic-release
Squashed commits are ignored by semantic-release
semantic-release parses commits according to a
commit message convention
to figure out how they affect the codebase. Commits that doesn’t follow the project’s commit message convention are simply ignored.
When
squashing commits
most Git tools will by default generate a new commit message with a summary of the squashed commits. This commit message will most likely not be compliant with the project’s commit message convention and therefore will be ignored by semantic-release.
When squashing commits make sure to rewrite the resulting commit message to be compliant with the project’s commit message convention.
Note: if the resulting squashed commit encompasses multiple changes (for example multiple unrelated features or fixes) then it’s probably not a good idea to squash those commits together. A commit should contain exactly one self-contained functional change and a functional change should be contained in exactly one commit. See
atomic commits
.
reference already exists error when pushing tag
reference already exists error when pushing tag
semantic-release read
Git tags
that are present in the history of your release branch in order to determine the last release published. Then it determines the next version to release based on the commits pushed since then and create the corresponding tag. If a tag with the name already in your repository, Git will throw and error as tags must be unique across the repository. This situation happens when you have a version tag identical to the new one semantic-release is trying to create that is not in the history of the current branch.
If an actual release with that version number was published you need to merge all the commits up to that release into your release branch.
If there is no published release with that version number, the tag must be deleted.
# Verify if the commit exists in the repository
$ git rev-list -1 <tag name>
# If a commit sha is returned, then the tag exists
# Verify the branches having the tagged commit in their history
$ git branch —contains <tag name>
$ git push origin :refs/tags/<tag name>
release not found release branch after git push --force
release not found release branch after git push --force
semantic-release is using both
git tags
and
git notes
to store information about which releases happened in which branch.
After a git history rewrite due to a git push --force, the git tags and notes referencing the commits that were rewritten are lost.
To recover from that situation, do the following:
-
1.
Delete the tag(s) for the release(s) that have been lost from the git history. You can delete each tag from remote using
git push origin -d :[TAG NAME], e.g.git push origin -d :v2.0.0-beta.1. You can delete tags locally usinggit tag -d [TAG NAME], e.g.git tag -d v2.0.0-beta.1. -
2.
Re-create the tags locally:
git tag [TAG NAME] [COMMIT HASH], where[COMMIT HASH]is the new commit that created the release for the lost tag. E.g.git tag v2.0.0-beta.1 abcdef0 -
3.
Re-create the git notes for each release tag, e.g.
git notes --ref semantic-release add -f -m '{"channels":["beta"]}' v2.0.0-beta.1. If the release was also published in the default channel (usuallymaster), then set the first channel tonull, e.g.git notes --ref semantic-release add -f -m '{"channels":[null, "beta"]}' -
4.
Push the local notes:
git push --force origin refs/notes/semantic-release. The--forceis needed after the rebase. Be careful.