libnpmaccess
is a Node.js
library that provides programmatic access to the guts of the npm CLI's npm access
command. This includes managing account mfa settings, listing
packages and permissions, looking at package collaborators, and defining
package permissions for users, orgs, and teams.
const access = require('libnpmaccess')
const opts = { '//registry.npmjs.org/:_authToken: 'npm_token }
// List all packages @zkat has access to on the npm registry.
console.log(Object.keys(await access.getPackages('zkat', opts)))
libnpmaccess
uses npm-registry-fetch
.
All options are passed through directly to that library, so please refer
to its own opts
documentation
for options that can be passed in.
spec
must be an npm-package-arg
-compatible
registry spec.
Gets collaborators for a given package
Gets all packages for a given user, scope, or team.
Teams should be in the format scope:team
or @scope:team
Users and scopes can be in the format @scope
or scope
Gets the visibility of a given package
Removes the access for a given team to a package.
Teams should be in the format scope:team
or @scope:team
Sets access level for package described by spec
.
The npm registry accepts the following access
levels:
public
: package is public
private
: package is private
The npm registry also only allows scoped packages to have their access level set.
Sets the publishing mfa requirements for a given package. Level must be one of the following
none
: mfa is not required to publish this package.
publish
: mfa is required to publish this package, automation tokens
cannot be used to publish.
automation
: mfa is required to publish this package, automation tokens
may also be used for publishing from continuous integration workflows.
Sets permissions levels for a given team to a package.
Teams should be in the format scope:team
or @scope:team
The npm registry accepts the following permissions
:
read-only
: Read only permissions
read-write
: Read and write (aka publish) permissions