npm - @arisnetxsolutions/quantum-core-sdk - Versions diffs - 1.0.1 → 1.0.3 - Mend

@arisnetxsolutions/quantum-core-sdk 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +29 -51
package/package.json +3 -4

package/README.md CHANGED Viewed

@@ -4,7 +4,8 @@ Type-safe TypeScript library for consuming content from your QuantumCore Headles
 ## Installation
 ```bash
-npm install @quantum-core/sdk
+# replace with the actual package name once published
+npm install quantum-core-sdk
 ```
 ## Usage
@@ -40,61 +41,38 @@ const images = await cms2.gallery.getAll();
 - **Simplified API**: Simple methods for blog and gallery content.
 ## Publishing to npm
-When you're ready to release a new version of the SDK, follow these steps:
-1. **Update the version** in `packages/sdk/package.json` (use semantic versioning).
-   make sure the `name` field is set to `@quantum-core/sdk` so you publish to the
-   scoped namespace rather than the global `sdk` package. Note that the scope
-   must exist: either create an **organization** called `quantum-core` on
-   <https://www.npmjs.com/org> or use `npm org create quantum-core` (if you have a
-   paid account). You will also need to be a member of that org. If the scope does
-   not exist the publish attempt will return a 404 with "Scope not found".
-   Alternatively, if you don't want a scope you can choose an unscoped name like
-   `@quantumcoresdk` or simply `quantum-core-sdk`.
-2. Run `npm run build` from `packages/sdk` to ensure `dist/` is up to date.
-3. Log in to npm if you haven't already:
+1. Ensure the `name` field in `packages/sdk/package.json` reflects the
+   package you intend to publish (currently `quantum-core-sdk`).
+   Since this is now an **unscoped** package there is no need to create an npm
+   organization or worry about scope permissions; simply pick a name that isn’t
+   already taken on the registry. If you ever switch back to a scoped name, the
+   rules earlier in this document about creating the scope and having publish
+   rights apply.
+   `quantum-core-sdk` instead.
+2. Update the version (semantic versioning) and commit the change.
+3. Run `npm run build` to regenerate `dist/`.
+4. Authenticate using an OTP or a token with 2FA bypass:
    ```bash
-   cd packages/sdk
+   # interactive
    npm login
+   # you will be prompted for a 2FA code
+   # or with an environment token
+   export NPM_TOKEN="<your-token>"
+   npm publish --access public
    ```
-4. Publish the package:
+   (on Windows set the variable with `setx` or choose the command-line flag
+   `--//registry.npmjs.org/:_authToken=$NPM_TOKEN`).
+5. Publish:
    ```bash
+   cd packages/sdk
    npm publish --access public
    ```
-   The `--access public` flag is still required for scoped packages. If your npm
-   account has two‑factor authentication enabled you'll encounter a 403 unless you
-   either:
-   * run `npm login` and enter the one‑time 2FA code when prompted (interactive). You
-     can also supply the OTP during publish with `npm publish --otp=<code>`.
-   * or, for automation or CI, create a **publish token** with `automation=publish`
-     and `bypass 2fa` from your npm account settings and export it as `NPM_TOKEN`.
-     For example:
-     ```bash
-     export NPM_TOKEN="<your-token>"
-     npm publish --access public
-     ```
-     (on Windows `setx NPM_TOKEN "<your-token>"` or use the appropriate method).
-   The error message in your last attempt:
-   > npm error 403 Forbidden - Two-factor authentication or granular access token
-   > with bypass 2fa enabled is required to publish packages.
-   indicates the credentials used by the CLI did not have bypass permission; the
-   login command you ran (`npm login automation=publish, bypass 2fa`) does not
-   actually attach a token to subsequent requests, which is why the publish still
-   failed. Use a real token or interactive login/OTP approach instead.
-   Also be sure you don't accidentally publish your local `.env` file – the
-   included `.npmignore` now explicitly lists `.env` to prevent that.
+   If you still see a 404, it means the scope doesn’t exist or you lack
+   permissions; 403 indicates a 2FA issue.
+   The `publish` script in `package.json` currently embeds a token – be
+   cautious about committing that to source control.
-> The package name (`@quantum-core/sdk`) is scoped, so `--access public` is required
-> for public registries. You can also run `npm version patch|minor|major` to bump the
-> version and automatically create a git tag before publishing.
->
-> Make sure you have access to the `@quantum-core` scope on npm (ask the org owner to
-> add you if necessary). If 2FA is enabled, either publish with a token that allows
-> bypassing 2FA or use `npm login` + one‑time code.
->
->Your changes should be committed and tagged in Git before publishing.
+6. After publishing, update installation instructions above with the
+   real package name and bump the version for future releases.

package/package.json CHANGED Viewed

@@ -1,13 +1,12 @@
 {
   "name": "@arisnetxsolutions/quantum-core-sdk",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "scripts": {
     "build": "npx tsc",
-    "publish": "npm publish --access public --//registry.npmjs.org/:_authToken=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",
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "publish": "npm publish --access public --//registry.npmjs.org/:_authToken=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"
   },
   "keywords": [],
   "author": "",
@@ -21,4 +20,4 @@
   "devDependencies": {
     "@types/node": "^25.4.0"
   }
-}
+}