pubz 0.2.5 → 0.2.8

package/dist/cli.js

@@ -308,13 +308,57 @@ async function multiSelect(message, options, allSelectedByDefault = true) {
   });
 }
 
-// src/publish.ts
+// src/auth.ts
 import { spawn } from "node:child_process";
+async function checkNpmAuth(registry) {
+  return new Promise((resolve2) => {
+    const proc = spawn("npm", ["whoami", "--registry", registry], {
+      stdio: ["inherit", "pipe", "pipe"]
+    });
+    let stdout = "";
+    let stderr = "";
+    proc.stdout?.on("data", (data) => {
+      stdout += data.toString();
+    });
+    proc.stderr?.on("data", (data) => {
+      stderr += data.toString();
+    });
+    proc.on("close", (code) => {
+      if (code === 0 && stdout.trim()) {
+        resolve2({ authenticated: true, username: stdout.trim() });
+      } else {
+        resolve2({ authenticated: false });
+      }
+    });
+  });
+}
+async function npmLogin(registry) {
+  return new Promise((resolve2) => {
+    const proc = spawn("npm", ["login", "--registry", registry], {
+      stdio: "inherit"
+    });
+    proc.on("close", (code) => {
+      if (code === 0) {
+        resolve2({ success: true });
+      } else {
+        resolve2({ success: false, error: "Login failed or was cancelled" });
+      }
+    });
+  });
+}
+async function promptForOtp() {
+  console.log("");
+  const code = await prompt(`${cyan("?")} Enter OTP code from your authenticator: `);
+  return code.trim();
+}
+
+// src/publish.ts
+import { spawn as spawn2 } from "node:child_process";
 import { readFile as readFile2, stat as stat3 } from "node:fs/promises";
 import { join as join3 } from "node:path";
 function run(command, args, cwd) {
   return new Promise((resolve2) => {
-    const proc = spawn(command, args, {
+    const proc = spawn2(command, args, {
       cwd,
       stdio: ["inherit", "pipe", "pipe"]
     });
@@ -381,18 +425,35 @@ async function verifyBuild(pkg) {
   }
   return { success: true };
 }
-async function publishPackage(pkg, registry, otp, dryRun) {
+function isOtpError(output) {
+  return output.includes("EOTP") || output.includes("one-time password");
+}
+async function publishPackage(pkg, registry, context, dryRun) {
   if (dryRun) {
     console.log(`  [DRY RUN] Would publish ${pkg.name}@${pkg.version} to ${registry}`);
     return { success: true };
   }
   console.log(`Publishing ${pkg.name}@${pkg.version}...`);
   const args = ["publish", "--registry", registry, "--access", "public"];
-  if (otp) {
-    args.push("--otp", otp);
+  if (context.otp) {
+    args.push("--otp", context.otp);
+  }
+  let result = await run("npm", args, pkg.path);
+  if (result.code !== 0 && isOtpError(result.output) && context.onOtpRequired) {
+    const otpCode = await context.onOtpRequired();
+    if (otpCode) {
+      context.otp = otpCode;
+      const retryArgs = ["publish", "--registry", registry, "--access", "public", "--otp", otpCode];
+      result = await run("npm", retryArgs, pkg.path);
+    }
   }
-  const result = await run("npm", args, pkg.path);
   if (result.code !== 0) {
+    if (isOtpError(result.output)) {
+      return {
+        success: false,
+        error: `2FA OTP required. Use --otp flag or run interactively.`
+      };
+    }
     return { success: false, error: `Failed to publish ${pkg.name}` };
   }
   console.log(`  ${pkg.name} published successfully`);
@@ -777,6 +838,42 @@ async function main() {
   console.log("");
   console.log(`Publishing to: ${cyan(registry)}`);
   console.log("");
+  if (!options.dryRun) {
+    console.log(cyan("Verifying npm authentication..."));
+    const authResult = await checkNpmAuth(registry);
+    if (!authResult.authenticated) {
+      if (options.ci) {
+        console.error(red(bold("Error:")) + " Not authenticated to npm.");
+        console.log("");
+        console.log(muted("In CI mode, you need to configure authentication:"));
+        console.log(muted("  - Set NPM_TOKEN environment variable"));
+        console.log(muted("  - Or configure .npmrc with auth token"));
+        console.log(muted("  - Or use OIDC Trusted Publishing"));
+        closePrompt();
+        process.exit(1);
+      }
+      console.log("");
+      console.log(yellow("Not logged in to npm.") + " Starting login...");
+      console.log("");
+      const loginResult = await npmLogin(registry);
+      if (!loginResult.success) {
+        console.error(red(bold("Login failed:")) + ` ${loginResult.error}`);
+        closePrompt();
+        process.exit(1);
+      }
+      const verifyAuth = await checkNpmAuth(registry);
+      if (!verifyAuth.authenticated) {
+        console.error(red(bold("Error:")) + " Login did not complete successfully.");
+        closePrompt();
+        process.exit(1);
+      }
+      console.log("");
+      console.log(green("Logged in as") + ` ${cyan(verifyAuth.username ?? "unknown")}`);
+    } else {
+      console.log(green("Authenticated as") + ` ${cyan(authResult.username ?? "unknown")}`);
+    }
+    console.log("");
+  }
   if (!options.skipBuild) {
     console.log(bold(cyan("Step 2:")) + " Building Packages");
     console.log(dim("─".repeat(30)));
@@ -838,8 +935,12 @@ async function main() {
     console.log("");
     console.log(cyan("Publishing packages..."));
     console.log("");
+    const publishContext = {
+      otp: options.otp,
+      onOtpRequired: options.ci ? undefined : promptForOtp
+    };
     for (const pkg of packages) {
-      const result = await publishPackage(pkg, registry, options.otp, options.dryRun);
+      const result = await publishPackage(pkg, registry, publishContext, options.dryRun);
       if (!result.success) {
         console.error(red(bold("Failed to publish")) + ` ${cyan(pkg.name)}: ${result.error}`);
         console.log("");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pubz",
-  "version": "0.2.5",
+  "version": "0.2.8",
   "description": "Interactive CLI for publishing npm packages (single or monorepo)",
   "type": "module",
   "bin": {