@pnpm/releasing.commands 1000.0.0

package/lib/publish/publish.js

@@ -0,0 +1,216 @@
+import path from 'node:path';
+import { FILTERING } from '@pnpm/cli.common-cli-options-help';
+import { docsUrl, readProjectManifest } from '@pnpm/cli.utils';
+import { types as allTypes } from '@pnpm/config.reader';
+import { PnpmError } from '@pnpm/error';
+import { runLifecycleHook } from '@pnpm/exec.lifecycle';
+import { getCurrentBranch, isGitRepo, isRemoteHistoryClean, isWorkingTreeClean } from '@pnpm/network.git-utils';
+import { rimraf } from '@zkochan/rimraf';
+import enquirer from 'enquirer';
+import { pick } from 'ramda';
+import { realpathMissing } from 'realpath-missing';
+import { renderHelp } from 'render-help';
+import { temporaryDirectory } from 'tempy';
+import { extractManifestFromPacked, isTarballPath } from './extractManifestFromPacked.js';
+import { optionsWithOtpEnv } from './otpEnv.js';
+import * as pack from './pack.js';
+import { publishPackedPkg } from './publishPackedPkg.js';
+import { recursivePublish } from './recursivePublish.js';
+export function rcOptionsTypes() {
+    return pick([
+        'access',
+        'git-checks',
+        'ignore-scripts',
+        'provenance',
+        'npm-path',
+        'otp',
+        'publish-branch',
+        'registry',
+        'tag',
+        'unsafe-perm',
+        'embed-readme',
+    ], allTypes);
+}
+export function cliOptionsTypes() {
+    return {
+        ...rcOptionsTypes(),
+        'dry-run': Boolean,
+        force: Boolean,
+        json: Boolean,
+        otp: String,
+        recursive: Boolean,
+        'report-summary': Boolean,
+    };
+}
+export const commandNames = ['publish'];
+export function help() {
+    return renderHelp({
+        description: 'Publishes a package to the npm registry.',
+        descriptionLists: [
+            {
+                title: 'Options',
+                list: [
+                    {
+                        description: "Don't check if current branch is your publish branch, clean, and up to date",
+                        name: '--no-git-checks',
+                    },
+                    {
+                        description: 'Sets branch name to publish. Default is master',
+                        name: '--publish-branch',
+                    },
+                    {
+                        description: 'Does everything a publish would do except actually publishing to the registry',
+                        name: '--dry-run',
+                    },
+                    {
+                        description: 'Show information in JSON format',
+                        name: '--json',
+                    },
+                    {
+                        description: 'Registers the published package with the given tag. By default, the "latest" tag is used.',
+                        name: '--tag <tag>',
+                    },
+                    {
+                        description: 'Tells the registry whether this package should be published as public or restricted',
+                        name: '--access <public|restricted>',
+                    },
+                    {
+                        description: 'Ignores any publish related lifecycle scripts (prepublishOnly, postpublish, and the like)',
+                        name: '--ignore-scripts',
+                    },
+                    {
+                        description: 'Packages are proceeded to be published even if their current version is already in the registry. This is useful when a "prepublishOnly" script bumps the version of the package before it is published',
+                        name: '--force',
+                    },
+                    {
+                        description: 'Save the list of the newly published packages to "pnpm-publish-summary.json". Useful when some other tooling is used to report the list of published packages.',
+                        name: '--report-summary',
+                    },
+                    {
+                        description: 'When publishing packages that require two-factor authentication, this option can specify a one-time password',
+                        name: '--otp',
+                    },
+                    {
+                        description: 'Publish all packages from the workspace',
+                        name: '--recursive',
+                        shortAlias: '-r',
+                    },
+                ],
+            },
+            FILTERING,
+        ],
+        url: docsUrl('publish'),
+        usages: ['pnpm publish [<tarball>|<dir>] [--tag <tag>] [--access <public|restricted>] [options]'],
+    });
+}
+const GIT_CHECKS_HINT = 'If you want to disable Git checks on publish, set the "git-checks" setting to "false", or run again with "--no-git-checks".';
+export async function handler(opts, params) {
+    const result = await publish(opts, params);
+    if (result?.manifest)
+        return;
+    return result;
+}
+export async function publish(opts, params) {
+    if (opts.gitChecks !== false && await isGitRepo()) {
+        if (!(await isWorkingTreeClean())) {
+            throw new PnpmError('GIT_UNCLEAN', 'Unclean working tree. Commit or stash changes first.', {
+                hint: GIT_CHECKS_HINT,
+            });
+        }
+        const branches = opts.publishBranch ? [opts.publishBranch] : ['master', 'main'];
+        const currentBranch = await getCurrentBranch();
+        if (currentBranch === null) {
+            throw new PnpmError('GIT_UNKNOWN_BRANCH', `The Git HEAD may not attached to any branch, but your "publish-branch" is set to "${branches.join('|')}".`, {
+                hint: GIT_CHECKS_HINT,
+            });
+        }
+        if (!branches.includes(currentBranch)) {
+            const { confirm } = await enquirer.prompt({
+                message: `You're on branch "${currentBranch}" but your "publish-branch" is set to "${branches.join('|')}". \
+Do you want to continue?`,
+                name: 'confirm',
+                type: 'confirm',
+            }); // eslint-disable-line @typescript-eslint/no-explicit-any
+            if (!confirm) {
+                throw new PnpmError('GIT_NOT_CORRECT_BRANCH', `Branch is not on '${branches.join('|')}'.`, {
+                    hint: GIT_CHECKS_HINT,
+                });
+            }
+        }
+        if (!(await isRemoteHistoryClean())) {
+            throw new PnpmError('GIT_NOT_LATEST', 'Remote history differs. Please pull changes.', {
+                hint: GIT_CHECKS_HINT,
+            });
+        }
+    }
+    if (opts.recursive && (opts.selectedProjectsGraph != null)) {
+        const { exitCode } = await recursivePublish({
+            ...opts,
+            selectedProjectsGraph: opts.selectedProjectsGraph,
+            workspaceDir: opts.workspaceDir ?? process.cwd(),
+        });
+        return { exitCode };
+    }
+    opts = optionsWithOtpEnv(opts, process.env);
+    const dirInParams = (params.length > 0) ? params[0] : undefined;
+    if (dirInParams != null && isTarballPath(dirInParams)) {
+        const tarballPath = dirInParams;
+        const publishedManifest = await extractManifestFromPacked(tarballPath);
+        await publishPackedPkg({
+            tarballPath,
+            publishedManifest,
+        }, opts);
+        return { exitCode: 0 };
+    }
+    const dir = dirInParams ?? opts.dir ?? process.cwd();
+    const _runScriptsIfPresent = runScriptsIfPresent.bind(null, {
+        depPath: dir,
+        extraBinPaths: opts.extraBinPaths,
+        extraEnv: opts.extraEnv,
+        pkgRoot: dir,
+        rawConfig: opts.rawConfig,
+        rootModulesDir: await realpathMissing(path.join(dir, 'node_modules')),
+        stdio: 'inherit',
+        unsafePerm: true, // when running scripts explicitly, assume that they're trusted.
+    });
+    const { manifest } = await readProjectManifest(dir, opts);
+    // Unfortunately, we cannot support postpack at the moment
+    if (!opts.ignoreScripts) {
+        await _runScriptsIfPresent([
+            'prepublishOnly',
+            'prepublish',
+        ], manifest);
+    }
+    // We have to publish the tarball from another location.
+    // Otherwise, npm would publish the package with the package.json file
+    // from the current working directory, ignoring the package.json file
+    // that was generated and packed to the tarball.
+    const packDestination = temporaryDirectory();
+    try {
+        const packResult = await pack.api({
+            ...opts,
+            dir,
+            packDestination,
+            dryRun: false,
+        });
+        await publishPackedPkg(packResult, opts);
+    }
+    finally {
+        await rimraf(packDestination);
+    }
+    if (!opts.ignoreScripts) {
+        await _runScriptsIfPresent([
+            'publish',
+            'postpublish',
+        ], manifest);
+    }
+    return { manifest };
+}
+export async function runScriptsIfPresent(opts, scriptNames, manifest) {
+    for (const scriptName of scriptNames) {
+        if (!manifest.scripts?.[scriptName])
+            continue;
+        await runLifecycleHook(scriptName, manifest, opts); // eslint-disable-line no-await-in-loop
+    }
+}
+//# sourceMappingURL=publish.js.map

package/lib/publish/publishPackedPkg.d.ts

@@ -0,0 +1,19 @@
+import type { Config } from '@pnpm/config.reader';
+import { PnpmError } from '@pnpm/error';
+import type { PackResult } from './pack.js';
+type AuthConfigKey = 'authToken' | 'authUserPass' | 'tokenHelper';
+type SslConfigKey = 'ca' | 'cert' | 'key';
+type AuthSslConfigKey = AuthConfigKey | SslConfigKey | 'authInfos' | 'sslConfigs';
+export type PublishPackedPkgOptions = Pick<Config, AuthSslConfigKey | 'dryRun' | 'fetchRetries' | 'fetchRetryFactor' | 'fetchRetryMaxtimeout' | 'fetchRetryMintimeout' | 'fetchTimeout' | 'registries' | 'tag' | 'userAgent'> & {
+    access?: 'public' | 'restricted';
+    ci?: boolean;
+    otp?: string;
+    provenance?: boolean;
+    provenanceFile?: string;
+};
+export declare function publishPackedPkg(packResult: Pick<PackResult, 'publishedManifest' | 'tarballPath'>, opts: PublishPackedPkgOptions): Promise<void>;
+export declare class PublishUnsupportedRegistryProtocolError extends PnpmError {
+    readonly registryUrl: string;
+    constructor(registryUrl: string);
+}
+export {};

package/lib/publish/publishPackedPkg.js

@@ -0,0 +1,233 @@
+import fs from 'node:fs/promises';
+import { PnpmError } from '@pnpm/error';
+import { globalInfo, globalWarn } from '@pnpm/logger';
+import { displayError } from './displayError.js';
+import { executeTokenHelper } from './executeTokenHelper.js';
+import { createFailedToPublishError } from './FailedToPublishError.js';
+import { AuthTokenError, fetchAuthToken } from './oidc/authToken.js';
+import { getIdToken, IdTokenError } from './oidc/idToken.js';
+import { determineProvenance, ProvenanceError } from './oidc/provenance.js';
+import { publishWithOtpHandling } from './otp.js';
+import { allRegistryConfigKeys, parseSupportedRegistryUrl } from './registryConfigKeys.js';
+export async function publishPackedPkg(packResult, opts) {
+    const { publishedManifest, tarballPath } = packResult;
+    const tarballData = await fs.readFile(tarballPath);
+    const publishOptions = await createPublishOptions(publishedManifest, opts);
+    const { name, version } = publishedManifest;
+    const { registry } = publishOptions;
+    globalInfo(`📦 ${name}@${version} → ${registry ?? 'the default registry'}`);
+    if (opts.dryRun) {
+        globalWarn(`Skip publishing ${name}@${version} (dry run)`);
+        return;
+    }
+    const response = await publishWithOtpHandling({ manifest: publishedManifest, tarballData, publishOptions });
+    if (response.ok) {
+        globalInfo(`✅ Published package ${name}@${version}`);
+        return;
+    }
+    throw await createFailedToPublishError(packResult, response);
+}
+async function createPublishOptions(manifest, options) {
+    const { registry, auth, ssl } = findAuthSslInfo(manifest, options);
+    const { access, ci: isFromCI, fetchRetries, fetchRetryFactor, fetchRetryMaxtimeout, fetchRetryMintimeout, fetchTimeout: timeout, otp, provenance, provenanceFile, tag: defaultTag, userAgent, } = options;
+    const headers = {
+        'npm-auth-type': 'web',
+        'npm-command': 'publish',
+    };
+    const publishOptions = {
+        access,
+        defaultTag,
+        fetchRetries,
+        fetchRetryFactor,
+        fetchRetryMaxtimeout,
+        fetchRetryMintimeout,
+        headers,
+        isFromCI,
+        otp,
+        timeout,
+        provenance,
+        provenanceFile,
+        registry,
+        userAgent,
+        // Signal to the registry that the client supports web-based authentication.
+        // Without this, the registry would never offer the web auth flow and would
+        // always fall back to prompting the user for an OTP code, even when the user
+        // has no OTP set up.
+        authType: 'web',
+        ca: ssl?.ca,
+        cert: Array.isArray(ssl?.cert) ? ssl.cert.join('\n') : ssl?.cert,
+        key: ssl?.key,
+        npmCommand: 'publish',
+        token: auth && extractToken(auth),
+        username: auth?.authUserPass?.username,
+        password: auth?.authUserPass?.password,
+    };
+    // This is necessary because getNetworkConfigs initialized them as { cert: '', key: '' }
+    // which may be a problem.
+    // The real fix is to change the type `SslConfig` into that of partial properties, but that
+    // is out of scope for now.
+    removeEmptyStringProperty(publishOptions, 'cert');
+    removeEmptyStringProperty(publishOptions, 'key');
+    if (registry) {
+        const oidcTokenProvenance = await fetchTokenAndProvenanceByOidcIfApplicable(publishOptions, manifest.name, registry, options);
+        publishOptions.token ??= oidcTokenProvenance?.authToken;
+        publishOptions.provenance ??= oidcTokenProvenance?.provenance;
+        appendAuthOptionsForRegistry(publishOptions, registry);
+    }
+    pruneUndefined(publishOptions);
+    return publishOptions;
+}
+/**
+ * Find auth and ssl information according to {@link https://docs.npmjs.com/cli/v10/configuring-npm/npmrc#auth-related-configuration}.
+ *
+ * The example `.npmrc` demonstrated inheritance.
+ */
+function findAuthSslInfo({ name }, { authInfos, sslConfigs, registries, ...defaultInfos }) {
+    // eslint-disable-next-line regexp/no-unused-capturing-group
+    const scopedMatches = /@(?<scope>[^/]+)\/(?<slug>[^/]+)/.exec(name);
+    const registryName = scopedMatches?.groups ? `@${scopedMatches.groups.scope}` : 'default';
+    const nonNormalizedRegistry = registries[registryName] ?? registries.default;
+    const supportedRegistryInfo = parseSupportedRegistryUrl(nonNormalizedRegistry);
+    if (!supportedRegistryInfo) {
+        throw new PublishUnsupportedRegistryProtocolError(nonNormalizedRegistry);
+    }
+    const { normalizedUrl: registry, longestConfigKey: initialRegistryConfigKey, } = supportedRegistryInfo;
+    const result = { registry };
+    for (const registryConfigKey of allRegistryConfigKeys(initialRegistryConfigKey)) {
+        const auth = authInfos[registryConfigKey];
+        const ssl = sslConfigs[registryConfigKey];
+        result.auth ??= auth; // old auth from longer path collectively overrides new auth from shorter path
+        result.ssl = {
+            ...ssl,
+            ...result.ssl, // old ssl from longer path individually overrides new ssl from shorter path
+        };
+    }
+    if (nonNormalizedRegistry !== registries.default &&
+        registry !== registries.default &&
+        registry !== parseSupportedRegistryUrl(registries.default)?.normalizedUrl) {
+        return result;
+    }
+    return {
+        registry,
+        auth: result.auth ?? defaultInfos, // old auth from longer path collectively overrides default auth
+        ssl: {
+            ...defaultInfos,
+            ...result.ssl, // old ssl from longer path individually overrides default ssl
+        },
+    };
+}
+function extractToken({ authToken, tokenHelper, }) {
+    if (authToken)
+        return authToken;
+    if (tokenHelper) {
+        return executeTokenHelper(tokenHelper, { globalWarn });
+    }
+    return undefined;
+}
+export class PublishUnsupportedRegistryProtocolError extends PnpmError {
+    registryUrl;
+    constructor(registryUrl) {
+        super('PUBLISH_UNSUPPORTED_REGISTRY_PROTOCOL', `Registry ${registryUrl} has an unsupported protocol`, {
+            hint: '`pnpm publish` only supports HTTP and HTTPS registries',
+        });
+        this.registryUrl = registryUrl;
+    }
+}
+/**
+ * If authentication information doesn't already set in {@link targetPublishOptions},
+ * try fetching an authentication token and provenance by OpenID Connect and return it.
+ */
+async function fetchTokenAndProvenanceByOidcIfApplicable(targetPublishOptions, packageName, registry, options) {
+    if (targetPublishOptions.token != null ||
+        (targetPublishOptions.username && targetPublishOptions.password))
+        return undefined;
+    let idToken;
+    try {
+        idToken = await getIdToken({
+            options,
+            registry,
+        });
+    }
+    catch (error) {
+        if (error instanceof IdTokenError) {
+            globalWarn(`Skipped OIDC: ${displayError(error)}`);
+            return undefined;
+        }
+        throw error;
+    }
+    if (!idToken) {
+        globalWarn('Skipped OIDC: idToken is not available');
+        return undefined;
+    }
+    let authToken;
+    try {
+        authToken = await fetchAuthToken({
+            idToken,
+            options,
+            packageName,
+            registry,
+        });
+    }
+    catch (error) {
+        if (error instanceof AuthTokenError) {
+            globalWarn(`Skipped OIDC: ${displayError(error)}`);
+            return undefined;
+        }
+        throw error;
+    }
+    if (options.provenance != null) {
+        return {
+            authToken,
+            provenance: options.provenance,
+        };
+    }
+    let provenance;
+    try {
+        provenance = await determineProvenance({
+            authToken,
+            idToken,
+            options,
+            packageName,
+            registry,
+        });
+    }
+    catch (error) {
+        if (error instanceof ProvenanceError) {
+            globalWarn(`Skipped setting provenance: ${displayError(error)}`);
+            return undefined;
+        }
+        throw error;
+    }
+    return { authToken, provenance };
+}
+/**
+ * Appends authentication information to {@link targetPublishOptions} to explicitly target {@link registry}.
+ *
+ * `libnpmpublish` has a quirk in which it only read the authentication information from `//<registry>:_authToken`
+ * instead of `token`.
+ * This function fixes that by making sure the registry specific authentication information exists.
+ */
+function appendAuthOptionsForRegistry(targetPublishOptions, registry) {
+    const registryInfo = parseSupportedRegistryUrl(registry);
+    if (!registryInfo) {
+        globalWarn(`The registry ${registry} cannot be converted into a config key. Supplement is skipped. Subsequent libnpmpublish call may fail.`);
+        return;
+    }
+    const registryConfigKey = registryInfo.longestConfigKey;
+    targetPublishOptions[`${registryConfigKey}:_authToken`] ??= targetPublishOptions.token;
+    targetPublishOptions[`${registryConfigKey}:username`] ??= targetPublishOptions.username;
+    targetPublishOptions[`${registryConfigKey}:_password`] ??= targetPublishOptions.password && btoa(targetPublishOptions.password);
+}
+function removeEmptyStringProperty(object, key) {
+    if (!object[key]) {
+        delete object[key];
+    }
+}
+function pruneUndefined(object) {
+    for (const key in object) {
+        if (object[key] === undefined) {
+            delete object[key];
+        }
+    }
+}
+//# sourceMappingURL=publishPackedPkg.js.map

package/lib/publish/recursivePublish.d.ts

@@ -0,0 +1,12 @@
+import type { Config } from '@pnpm/config.reader';
+import type { PublishPackedPkgOptions } from './publishPackedPkg.js';
+export type PublishRecursiveOpts = Required<Pick<Config, 'bin' | 'cacheDir' | 'cliOptions' | 'dir' | 'pnpmHomeDir' | 'rawConfig' | 'registries' | 'workspaceDir'>> & Partial<Pick<Config, 'tag' | 'ca' | 'catalogs' | 'cert' | 'fetchTimeout' | 'force' | 'dryRun' | 'extraBinPaths' | 'extraEnv' | 'fetchRetries' | 'fetchRetryFactor' | 'fetchRetryMaxtimeout' | 'fetchRetryMintimeout' | 'key' | 'httpProxy' | 'httpsProxy' | 'localAddress' | 'lockfileDir' | 'noProxy' | 'npmPath' | 'offline' | 'selectedProjectsGraph' | 'strictSsl' | 'unsafePerm' | 'userAgent' | 'userConfig' | 'verifyStoreIntegrity'>> & {
+    access?: 'public' | 'restricted';
+    argv: {
+        original: string[];
+    };
+    reportSummary?: boolean;
+} & PublishPackedPkgOptions;
+export declare function recursivePublish(opts: PublishRecursiveOpts & Required<Pick<Config, 'selectedProjectsGraph'>>): Promise<{
+    exitCode: number;
+}>;

package/lib/publish/recursivePublish.js

@@ -0,0 +1,114 @@
+import path from 'node:path';
+import { pickRegistryForPackage } from '@pnpm/config.pick-registry-for-package';
+import { createResolver } from '@pnpm/installing.client';
+import { logger } from '@pnpm/logger';
+import { sortProjects } from '@pnpm/workspace.projects-sorter';
+import pFilter from 'p-filter';
+import { pick } from 'ramda';
+import { writeJsonFile } from 'write-json-file';
+import { publish } from './publish.js';
+export async function recursivePublish(opts) {
+    const pkgs = Object.values(opts.selectedProjectsGraph).map((wsPkg) => wsPkg.package);
+    const { resolve } = createResolver({
+        ...opts,
+        authConfig: opts.rawConfig,
+        userConfig: opts.userConfig,
+        retry: {
+            factor: opts.fetchRetryFactor,
+            maxTimeout: opts.fetchRetryMaxtimeout,
+            minTimeout: opts.fetchRetryMintimeout,
+            retries: opts.fetchRetries,
+        },
+        timeout: opts.fetchTimeout,
+    });
+    const pkgsToPublish = await pFilter(pkgs, async (pkg) => {
+        if (!pkg.manifest.name || !pkg.manifest.version || pkg.manifest.private)
+            return false;
+        if (opts.force)
+            return true;
+        return !(await isAlreadyPublished({
+            dir: pkg.rootDir,
+            lockfileDir: opts.lockfileDir ?? pkg.rootDir,
+            registries: opts.registries,
+            resolve,
+        }, pkg.manifest.name, pkg.manifest.version));
+    });
+    const publishedPkgDirs = new Set(pkgsToPublish.map(({ rootDir }) => rootDir));
+    const publishedPackages = [];
+    if (publishedPkgDirs.size === 0) {
+        logger.info({
+            message: 'There are no new packages that should be published',
+            prefix: opts.dir,
+        });
+    }
+    else {
+        const appendedArgs = [];
+        if (opts.cliOptions['access']) {
+            appendedArgs.push(`--access=${opts.cliOptions['access']}`);
+        }
+        if (opts.dryRun) {
+            appendedArgs.push('--dry-run');
+        }
+        if (opts.force) {
+            appendedArgs.push('--force');
+        }
+        if (opts.cliOptions['otp']) {
+            appendedArgs.push(`--otp=${opts.cliOptions['otp']}`);
+        }
+        const chunks = sortProjects(opts.selectedProjectsGraph);
+        const tag = opts.tag ?? 'latest';
+        for (const chunk of chunks) {
+            // We can't run publish concurrently due to the npm CLI asking for OTP.
+            // NOTE: If we solve the OTP issue, we still need to limit packages concurrency.
+            // Otherwise, publishing will consume too much resources.
+            // See related issue: https://github.com/pnpm/pnpm/issues/6968
+            for (const pkgDir of chunk) {
+                if (!publishedPkgDirs.has(pkgDir))
+                    continue;
+                const pkg = opts.selectedProjectsGraph[pkgDir].package;
+                const registry = pkg.manifest.publishConfig?.registry ?? pickRegistryForPackage(opts.registries, pkg.manifest.name);
+                // eslint-disable-next-line no-await-in-loop
+                const publishResult = await publish({
+                    ...opts,
+                    dir: pkg.rootDir,
+                    argv: {
+                        original: [
+                            'publish',
+                            '--tag',
+                            tag,
+                            '--registry',
+                            registry,
+                            ...appendedArgs,
+                        ],
+                    },
+                    gitChecks: false,
+                    recursive: false,
+                }, [pkg.rootDir]);
+                if (publishResult?.manifest != null) {
+                    publishedPackages.push(pick(['name', 'version'], publishResult.manifest));
+                }
+                else if (publishResult?.exitCode) {
+                    return { exitCode: publishResult.exitCode };
+                }
+            }
+        }
+    }
+    if (opts.reportSummary) {
+        await writeJsonFile(path.join(opts.lockfileDir ?? opts.dir, 'pnpm-publish-summary.json'), { publishedPackages });
+    }
+    return { exitCode: 0 };
+}
+async function isAlreadyPublished(opts, pkgName, pkgVersion) {
+    try {
+        await opts.resolve({ alias: pkgName, bareSpecifier: pkgVersion }, {
+            lockfileDir: opts.lockfileDir,
+            preferredVersions: {},
+            projectDir: opts.dir,
+        });
+        return true;
+    }
+    catch (err) { // eslint-disable-line
+        return false;
+    }
+}
+//# sourceMappingURL=recursivePublish.js.map

package/lib/publish/registryConfigKeys.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Protocols currently supported.
+ */
+type SupportedRegistryScheme = 'http' | 'https';
+/**
+ * A registry URL that has been normalized to match its corresponding {@link RegistryConfigKey}.
+ */
+export type NormalizedRegistryUrl = `${SupportedRegistryScheme}://${string}/`;
+/**
+ * A config key of a registry url is a key on the `.npmrc` file. This key starts with
+ * a "//" prefix followed by a hostname and the rest of the URI and ends with a "/".
+ * They usually specify authentication information.
+ */
+export type RegistryConfigKey = `//${string}/`;
+export interface SupportedRegistryUrlInfo {
+    normalizedUrl: NormalizedRegistryUrl;
+    longestConfigKey: RegistryConfigKey;
+}
+/**
+ * If the {@link registryUrl} is an HTTP or an HTTPS registry url, return the longest
+ * {@link RegistryConfigKey} that corresponds to the registry url and a {@link NormalizedRegistryUrl}
+ * that matches it.
+ */
+export declare function parseSupportedRegistryUrl(registryUrl: string): SupportedRegistryUrlInfo | undefined;
+/**
+ * Generate all {@link RegistryConfigKey} of the same hostname from the longest to the shortest,
+ * including {@link longest} itself.
+ */
+export declare function allRegistryConfigKeys(longest: RegistryConfigKey): Generator<RegistryConfigKey, void, void>;
+export {};

package/lib/publish/registryConfigKeys.js

@@ -0,0 +1,50 @@
+import normalizeRegistryUrl from 'normalize-registry-url';
+/**
+ * If {@link text} starts with {@link oldPrefix}, replace it with {@link newPrefix}.
+ * Otherwise, return `undefined`.
+ */
+const replacePrefix = (text, oldPrefix, newPrefix) => text.startsWith(oldPrefix)
+    ? text.replace(oldPrefix, newPrefix)
+    : undefined;
+/**
+ * If {@link text} already ends with {@link suffix}, return it.
+ * Otherwise, append {@link suffix} to {@link text} and return it.
+ */
+const ensureSuffix = (text, suffix) => text.endsWith(suffix) ? text : `${text}${suffix}`;
+/**
+ * If the {@link registryUrl} is an HTTP or an HTTPS registry url, return the longest
+ * {@link RegistryConfigKey} that corresponds to the registry url and a {@link NormalizedRegistryUrl}
+ * that matches it.
+ */
+export function parseSupportedRegistryUrl(registryUrl) {
+    registryUrl = normalizeRegistryUrl(registryUrl);
+    const keyPrefix = replacePrefix(registryUrl, 'http://', '//') ?? replacePrefix(registryUrl, 'https://', '//');
+    if (!keyPrefix)
+        return undefined;
+    const normalizedUrl = ensureSuffix(registryUrl, '/');
+    const longestConfigKey = ensureSuffix(keyPrefix, '/');
+    return { normalizedUrl, longestConfigKey };
+}
+/**
+ * This value is used for termination check in {@link allRegistryConfigKeys} only.
+ * It is not actually a valid {@link RegistryConfigKey}.
+ */
+const EMPTY_REGISTRY_CONFIG_KEY = '///';
+/**
+ * Generate all {@link RegistryConfigKey} of the same hostname from the longest to the shortest,
+ * including {@link longest} itself.
+ */
+export function* allRegistryConfigKeys(longest) {
+    if (!longest.startsWith('//')) {
+        throw new RangeError(`The string ${JSON.stringify(longest)} is not a valid registry config key`);
+    }
+    if (longest === EMPTY_REGISTRY_CONFIG_KEY) {
+        throw new RangeError('Registry config key cannot be without hostname');
+    }
+    if (longest.length <= EMPTY_REGISTRY_CONFIG_KEY.length)
+        return;
+    yield longest;
+    const next = longest.replace(/[^/]*\/$/, '');
+    yield* allRegistryConfigKeys(next);
+}
+//# sourceMappingURL=registryConfigKeys.js.map