{"id":13393461,"url":"https://github.com/sindresorhus/np","last_synced_at":"2026-01-29T05:14:40.828Z","repository":{"id":36500868,"uuid":"40806530","full_name":"sindresorhus/np","owner":"sindresorhus","description":"A better `npm publish`","archived":false,"fork":false,"pushed_at":"2026-01-24T03:10:30.000Z","size":1150,"stargazers_count":7678,"open_issues_count":1,"forks_count":310,"subscribers_count":30,"default_branch":"main","last_synced_at":"2026-01-26T19:50:17.460Z","etag":null,"topics":["cli","cli-app","javascript","nodejs","npm","npm-package","npm-publish","publish","yarn"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sindresorhus.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"license","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"sindresorhus","open_collective":"sindresorhus","buy_me_a_coffee":"sindresorhus","custom":"https://sindresorhus.com/donate"}},"created_at":"2015-08-16T09:06:06.000Z","updated_at":"2026-01-24T15:58:57.000Z","dependencies_parsed_at":"2024-01-13T10:13:21.417Z","dependency_job_id":"d22a5f90-8457-4ae3-9510-96c8b5835220","html_url":"https://github.com/sindresorhus/np","commit_stats":{"total_commits":400,"total_committers":96,"mean_commits":4.166666666666667,"dds":0.5425,"last_synced_commit":"1965a6b3dfe8ea78806b70c5ebe23a95a77b4156"},"previous_names":[],"tags_count":98,"template":false,"template_full_name":null,"purl":"pkg:github/sindresorhus/np","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sindresorhus%2Fnp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sindresorhus%2Fnp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sindresorhus%2Fnp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sindresorhus%2Fnp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sindresorhus","download_url":"https://codeload.github.com/sindresorhus/np/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sindresorhus%2Fnp/sbom","scorecard":{"id":826625,"data":{"date":"2025-08-11","repo":{"name":"github.com/sindresorhus/np","commit":"75a2e36dc8467f6e1cc78d02deb0c6073b06dc80"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.9,"checks":[{"name":"Maintained","score":1,"reason":"2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/main.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":4,"reason":"Found 14/30 approved changesets -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sindresorhus/np/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sindresorhus/np/main.yml/main?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/main.yml:24","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: license:0","Info: FSF or OSI recognized license: MIT License: license:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 14 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T16:45:15.715Z","repository_id":36500868,"created_at":"2025-08-23T16:45:15.715Z","updated_at":"2025-08-23T16:45:15.715Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28812371,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T07:41:26.337Z","status":"ssl_error","status_checked_at":"2026-01-27T07:41:08.776Z","response_time":168,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","cli-app","javascript","nodejs","npm","npm-package","npm-publish","publish","yarn"],"created_at":"2024-07-30T17:00:53.414Z","updated_at":"2026-01-29T05:14:40.818Z","avatar_url":"https://github.com/sindresorhus.png","language":"JavaScript","readme":"# np [![XO code style](https://shields.io/badge/code_style-5ed9c7?logo=xo\u0026labelColor=gray\u0026logoSize=auto\u0026logoWidth=20)](https://github.com/xojs/xo)\n\n\u003e A better `npm publish`\n\n\u003cimg src=\"media/screenshot.gif\" width=\"688\"\u003e\n\n## Why\n\n- [Interactive UI](#interactive-ui)\n- Ensures you are publishing from your release branch (`main` and `master` by default)\n- Ensures the working directory is clean and that there are no unpulled changes\n- Reinstalls dependencies to ensure your project works with the latest dependency tree\n- Ensures your Node.js and npm versions are supported by the project and its dependencies\n- Runs the tests\n- Bumps the version in package.json and npm-shrinkwrap.json (if present) and creates a git tag\n- Prevents [accidental publishing](https://github.com/npm/npm/issues/13248) of pre-release versions under the `latest` [dist-tag](https://docs.npmjs.com/cli/dist-tag)\n- Publishes the new version to npm, optionally under a dist-tag\n- Rolls back the project to its previous state in case publishing fails\n- Pushes commits and tags (newly \u0026 previously created) to GitHub/GitLab\n- Supports [two-factor authentication](https://docs.npmjs.com/getting-started/using-two-factor-authentication)\n- Enables two-factor authentication on new repositories\n  \u003cbr\u003e\n  \u003csub\u003e(does not apply to external registries)\u003c/sub\u003e\n- Opens a prefilled GitHub Releases draft after publish\n- Warns about the possibility of extraneous files being published\n- See exactly what will be executed with [preview mode](https://github.com/sindresorhus/np/issues/391), without pushing or publishing anything remotely\n- Supports [GitHub Packages](https://github.com/features/packages)\n- Supports npm 9+, Yarn (Classic and Berry), pnpm 8+, and Bun\n\n### Why not\n\n- Monorepos are not supported.\n- CI is [not an ideal environment](https://github.com/sindresorhus/np/issues/619#issuecomment-994493179) for `np`. It's meant to be used locally as an interactive tool.\n\n## Prerequisite\n\n- Node.js 20 or later\n- npm 9 or later\n- Git 2.11 or later\n\n## Install\n\n```sh\nnpm install --global np\n```\n\n## Usage\n\n```\n$ np --help\n\n  Usage\n    $ np \u003cversion\u003e\n\n    Version can be:\n      patch | minor | major | prepatch | preminor | premajor | prerelease | 1.2.3\n\n  Options\n    --any-branch            Allow publishing from any branch\n    --branch                Name of the release branch (default: main | master)\n    --no-cleanup            Skips cleanup of node_modules\n    --no-tests              Skips tests\n    --yolo                  Skips cleanup and testing\n    --no-publish            Skips publishing\n    --preview               Show tasks without actually executing them\n    --tag                   Publish under a given dist-tag\n    --contents              Subdirectory to publish\n    --no-release-draft      Skips opening a GitHub release draft\n    --release-draft-only    Only opens a GitHub release draft for the latest published version\n    --no-release-notes      Skips generating release notes when opening a GitHub release draft\n    --test-script           Name of npm run script to run tests before publishing (default: test)\n    --no-2fa                Don't enable 2FA on new packages (not recommended)\n    --message               Version bump commit message, '%s' will be replaced with version (default: '%s' with npm and 'v%s' with yarn)\n    --package-manager       Use a specific package manager (default: 'packageManager' field in package.json)\n    --provenance            Publish with npm provenance statements (CI-only)\n    --remote                Git remote to push to (default: origin)\n\n  Examples\n    $ np\n    $ np patch\n    $ np 1.0.2\n    $ np 1.0.2-beta.3 --tag=beta\n    $ np 1.0.2-beta.3 --tag=beta --contents=dist\n```\n\n## Interactive UI\n\nRun `np` without arguments to launch the interactive UI that guides you through publishing a new version.\n\n\u003cimg src=\"media/screenshot-ui.png\" width=\"1290\"\u003e\n\n## Config\n\n`np` can be configured both globally and locally. When using the global `np` binary, you can configure any of the CLI flags in either a `.np-config.js` (as CJS), `.np-config.cjs`, `.np-config.mjs`, or `.np-config.json` file in the home directory. When using the local `np` binary, for example, in a `npm run` script, you can configure `np` by setting the flags in either a top-level `np` field in `package.json` or in one of the aforementioned file types in the project directory. If it exists, the local installation will always take precedence. This ensures any local config matches the version of `np` it was designed for.\n\nCurrently, these are the flags you can configure:\n\n- `anyBranch` - Allow publishing from any branch (`false` by default).\n- `branch` - Name of the release branch (`main` or `master` by default).\n- `cleanup` - Cleanup `node_modules` (`true` by default).\n- `tests` - Run `npm test` (`true` by default).\n- `yolo` - Skip cleanup and testing (`false` by default).\n- `publish` - Publish (`true` by default).\n- `preview` - Show tasks without actually executing them (`false` by default).\n- `tag` - Publish under a given dist-tag (`latest` by default).\n- `contents` - Subdirectory to publish (`.` by default).\n- `releaseDraft` - Open a GitHub release draft after releasing (`true` by default).\n- `releaseNotes` - Auto-generate release notes when opening a GitHub release draft (`true` by default).\n- `testScript` - Name of npm run script to run tests before publishing (`test` by default).\n- `2fa` - Enable 2FA on new packages (`true` by default) (setting this to `false` is not recommended).\n- `message` - The commit message used for the version bump. Any `%s` in the string will be replaced with the new version. By default, npm uses `%s` and Yarn uses `v%s`.\n- `packageManager` - Set the package manager to be used. Defaults to the [packageManager field in package.json](https://nodejs.org/dist/latest-v16.x/docs/api/all.html#all_packages_packagemanager), so only use if you can't update package.json for some reason.\n- `provenance` - Publish with [npm provenance statements](https://docs.npmjs.com/generating-provenance-statements) (`false` by default). Requires npm 9.5.0+ and a supported CI environment (GitHub Actions or GitLab CI/CD).\n- `remote` - Git remote to push tags and commits to. Useful when publishing from a fork where `origin` is your fork and `upstream` is the main repository.\n\nFor example, this configures `np` to use `unit-test` as a test script, and to use `dist` as the subdirectory to publish:\n\n`package.json`\n```json\n{\n\t\"name\": \"superb-package\",\n\t\"np\": {\n\t\t\"testScript\": \"unit-test\",\n\t\t\"contents\": \"dist\"\n\t}\n}\n```\n\n`.np-config.json`\n```json\n{\n\t\"testScript\": \"unit-test\",\n\t\"contents\": \"dist\"\n}\n```\n\n`.np-config.js` or `.np-config.cjs`\n```js\nmodule.exports = {\n\ttestScript: 'unit-test',\n\tcontents: 'dist'\n};\n```\n\n`.np-config.mjs`\n```js\nexport default {\n\ttestScript: 'unit-test',\n\tcontents: 'dist'\n};\n```\n\n_**Note:** The global config only applies when using the global `np` binary, and is never inherited when using a local binary._\n\n## Tips\n\n### npm hooks\n\nYou can use any of the test/version/publish related [npm lifecycle hooks](https://docs.npmjs.com/misc/scripts) in your package.json to add extra behavior.\n\nFor example, here we build the documentation before tagging the release:\n\n```json\n{\n\t\"name\": \"my-awesome-package\",\n\t\"scripts\": {\n\t\t\"version\": \"./build-docs \u0026\u0026 git add docs\"\n\t}\n}\n```\n\n### Release script\n\nYou can also add `np` to a custom script in `package.json`. This can be useful if you want all maintainers of a package to release the same way (Not forgetting to push Git tags, for example). However, you can't use `publish` as name of your script because it's an [npm defined lifecycle hook](https://docs.npmjs.com/misc/scripts).\n\n```json\n{\n\t\"name\": \"my-awesome-package\",\n\t\"scripts\": {\n\t\t\"release\": \"np\"\n\t},\n\t\"devDependencies\": {\n\t\t\"np\": \"*\"\n\t}\n}\n```\n\n### User-defined tests\n\nIf you want to run a user-defined test script before publishing instead of the normal `npm test` or `yarn test`, you can use `--test-script` flag or the `testScript` config. This can be useful when your normal test script is running with a `--watch` flag or in case you want to run some specific tests (maybe on the packaged files) before publishing.\n\nFor example, `np --test-script=publish-test` would run the `publish-test` script instead of the default `test`.\n\n```json\n{\n\t\"name\": \"my-awesome-package\",\n\t\"scripts\": {\n\t\t\"test\": \"ava --watch\",\n\t\t\"publish-test\": \"ava\"\n\t},\n\t\"devDependencies\": {\n\t\t\"np\": \"*\"\n\t}\n}\n```\n\n### Signed Git tag\n\nSet the [`sign-git-tag`](https://docs.npmjs.com/misc/config#sign-git-tag) npm config to have the Git tag signed:\n\n```\n$ npm config set sign-git-tag true\n```\n\nOr set the [`version-sign-git-tag`](https://yarnpkg.com/lang/en/docs/cli/version/#toc-git-tags) Yarn config:\n\n```\n$ yarn config set version-sign-git-tag true\n```\n\n### Private packages\n\n\u003cimg src=\"media/private-packages.png\" width=\"260\" align=\"right\"\u003e\n\nYou can use `np` for packages that aren't publicly published to npm (perhaps installed from a private git repo).\n\nSet `\"private\": true` in your `package.json` and the publishing step will be skipped. All other steps\nincluding versioning and pushing tags will still be completed.\n\n### Public scoped packages\n\nTo publish [scoped packages](https://docs.npmjs.com/misc/scope#publishing-public-scoped-packages-to-the-public-npm-registry) to the public registry, you need to set the access level to `public`. You can do that by adding the following to your `package.json`:\n\n```json\n\"publishConfig\": {\n\t\"access\": \"public\"\n}\n```\n\nIf publishing a scoped package for the first time, `np` will prompt you to ask if you want to publish it publicly.\n\n**Note:** When publishing a scoped package, the first ever version you publish has to be done interactively using `np`. If not, you cannot use `np` to publish future versions of the package.\n\n### Private Org-scoped packages\n\nTo publish a [private Org-scoped package](https://docs.npmjs.com/creating-and-publishing-an-org-scoped-package#publishing-a-private-org-scoped-package), you need to set the access level to `restricted`. You can do that by adding the following to your `package.json`:\n\n```json\n\"publishConfig\": {\n\t\"access\": \"restricted\"\n}\n```\n\n### Publish to a custom registry\n\nSet the [`registry` option](https://docs.npmjs.com/misc/config#registry) in package.json to the URL of your registry:\n\n```json\n\"publishConfig\": {\n\t\"registry\": \"https://my-internal-registry.local\"\n}\n```\n\n### Package managers\n\nIf a package manager is not set in package.json, via configuration (`packageManager`), or via the CLI (`--package-manager`), `np` will attempt to infer the best package manager to use by looking for lockfiles. But it's recommended to set the [`packageManager` field](https://nodejs.org/api/packages.html#packagemanager) in your package.json to be consistent with other tools. See also the [corepack docs](https://nodejs.org/api/corepack.html).\n\n### Publish with a CI\n\nIf you use a Continuous Integration server to publish your tagged commits, use the `--no-publish` flag to skip the publishing step of `np`.\n\n### Publish to gh-pages\n\nTo publish to `gh-pages` (or any other branch that serves your static assets), install [`branchsite`](https://github.com/enriquecaballero/branchsite), an `np`-like CLI tool aimed to complement `np`, and create an [npm \"post\" hook](https://docs.npmjs.com/misc/scripts) that runs after `np`.\n\n```sh\nnpm install --save-dev branchsite\n```\n\n```json\n\"scripts\": {\n\t\"deploy\": \"np\",\n\t\"postdeploy\": \"bs\"\n}\n```\n\n### Initial version\n\nFor new packages, start the `version` field in package.json at `0.0.0` and let `np` bump it to `1.0.0` or `0.1.0` when publishing.\n\n### Release an update to an old major version\n\nTo release a minor/patch version for an old major version, create a branch from the major version's git tag and run `np`:\n\n```console\n$ git checkout -b fix-old-bug v1.0.0 # Where 1.0.0 is the previous major version\n# Create some commits…\n$ git push --set-upstream origin HEAD\n$ np patch --any-branch --tag=v1\n```\n\n### The prerequisite step runs forever on macOS\n\nIf you're using macOS Sierra 10.12.2 or later, your SSH key passphrase is no longer stored into the keychain by default. This may cause the `prerequisite` step to run forever because it prompts for your passphrase in the background. To fix this, add the following lines to your `~/.ssh/config` and run a simple Git command like `git fetch`.\n\n```\nHost *\n AddKeysToAgent yes\n UseKeychain yes\n```\n\nIf you're running into other issues when using SSH, please consult [GitHub's support article](https://help.github.com/articles/connecting-to-github-with-ssh/).\n\n### Ignore strategy\n\nThe [ignore strategy](https://docs.npmjs.com/files/package.json#files), either maintained in the `files`-property in `package.json` or in `.npmignore`, is meant to help reduce the package size. To avoid broken packages caused by essential files being accidentally ignored, `np` prints out all the new and unpublished files added to Git. Test files and other [common files](https://docs.npmjs.com/files/package.json#files) that are never published are not considered. `np` assumes either a standard directory layout or a customized layout represented in the `directories` property in `package.json`.\n\n## FAQ\n\n### I get an error when publishing my package through Yarn\n\nIf you get an error like this…\n\n```shell\n❯ Prerequisite check\n✔ Ping npm registry\n✔ Check npm version\n✔ Check yarn version\n✖ Verify user is authenticated\n\nnpm ERR! code E403\nnpm ERR! 403 Forbidden - GET https://registry.yarnpkg.com/-/package/my-awesome-package/collaborators?format=cli - Forbidden\n```\n\n…please check whether the command `npm access list collaborators my-awesome-package` succeeds. If it doesn't, Yarn has overwritten your registry URL. To fix this, add the correct registry URL to `package.json`:\n\n```json\n\"publishConfig\": {\n\t\"registry\": \"https://registry.npmjs.org\"\n}\n```\n\n### np hangs during the \"Publishing package\" step\n\nIf `np` hangs indefinitely during publishing, common causes include:\n\n**Lifecycle scripts that don't exit**\n\nnpm automatically runs lifecycle hooks like `prepublish`, `publish`, and `postpublish` during publishing. If these scripts don't exit (e.g., running in watch mode), `np` will hang.\n\n```json\n{\n\t\"scripts\": {\n\t\t\"test\": \"vitest\",\n\t\t\"publish\": \"npm run test \u0026\u0026 np\"\n\t}\n}\n```\n\n**Solution**: Don't name your scripts `publish`, `prepublish`, or `postpublish` (these are reserved npm lifecycle hooks). Use names like `release` instead:\n\n```json\n{\n\t\"scripts\": {\n\t\t\"test\": \"vitest run\",\n\t\t\"release\": \"np\"\n\t}\n}\n```\n\n**Tests running in watch mode**\n\nIf your test script runs in watch mode, it won't exit after running tests.\n\n**Solution**: Ensure your test command exits after running:\n\n```json\n{\n\t\"scripts\": {\n\t\t\"test\": \"vitest run\",\n\t\t\"test:dev\": \"vitest\"\n\t}\n}\n```\n\n**Registry configuration issues**\n\nA missing trailing slash in `.npmrc` registry configuration can cause hangs.\n\n**Solution**: Ensure registry URLs have a trailing slash:\n\n```npmrc\n@ORG:registry=https://npm.pkg.github.com/\n```\n\n## Maintainers\n\n- [Sindre Sorhus](https://github.com/sindresorhus)\n- [Tommy Mitchell](https://github.com/tommy-mitchell)\n","funding_links":["https://github.com/sponsors/sindresorhus","https://opencollective.com/sindresorhus","https://buymeacoffee.com/sindresorhus","https://sindresorhus.com/donate"],"categories":["JavaScript","Packages","Publishing to NPM","Related","Development","Shell","包","*.js","目录","工程","Uncategorized","awesome CLI 🔧","Command-line apps","cli","Web Development","\u003ca name=\"programming\"\u003e\u003c/a\u003eProgramming","Package management and publishing",":wrench: JS/TS Tooling"],"sub_categories":["Command-line apps","GitHub Actions","Release","Publishing","Test","命令行程序","Node","命令行应用","redux 扩展","Uncategorized","macros","开发者必备 🚀","Server-rendered React","调试","React"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsindresorhus%2Fnp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsindresorhus%2Fnp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsindresorhus%2Fnp/lists"}