shashkovdanil / clean-publish Goto Github PK
View Code? Open in Web Editor NEWRemoving configuration files and fields in package.json before publishing to npm
Home Page: https://www.npmjs.com/package/clean-publish
License: MIT License
Removing configuration files and fields in package.json before publishing to npm
Home Page: https://www.npmjs.com/package/clean-publish
License: MIT License
Right now I can't see what commits was released. This is why we have this best practices:
Release x.x.x
commit to update version
in package.json
and add section to ChangeLog.git tag -s x.x.x
(x.x.x
is a version number). You may need to have PGP keys. Upload them to GitHub, so GitHub will show that this release was made by you and not by a hacker.Every open source project must have tests (and run it on Travis CI).
At least, ESLint to check syntax error.
Technically this isn't an issue with your code (sorry in advance!), but having found this package very useful for managing our npm modules, I'm wondering if the clean-publish package can be used with the vsce publish
and vsce package
tool for packaging/publishing visual studio code extensions?
vscode extensions are very like npm modules, running on node with a package.json, etc. AFAICT, the only difference is instead of the npm
command line tool, its vsce
If it's not currently something that your module can do, are there any any plans to make it so?
➜ npx clean-publish
/usr/bin/env: ‘node\r’: No such file or directory
npm ERR! code 127
npm ERR! path /home/ai/Dev/storeon
npm ERR! command failed
npm ERR! command sh -c clean-publish
npm ERR! A complete log of this run can be found in:
npm ERR! /home/ai/.npm/_logs/2020-10-22T23_37_49_537Z-debug.log
@shashkovdanil maybe we use a Windows \r\n
and it causes a problem in npm 7 on Linux?
I think this tool has to run prepublishOnly
or prepublish
scripts from package.json
after start clone some files
Not all ignored files are a configs
Hello.
How can I use clean-publish with semantic-release?
The reason behind Cult of Martians task was not to clean files (like .eslintrc
). We already have .npmignore
for it.
The reason was to clean package.json
. For example, "eslintConfig":
key in package.json
.
yarn exec -- clean-publish
yarn exec v1.21.1
env: node\r: No such file or directory
error Command failed.
You should re-publish it with LF line-endings.
I want to run a small script during the release (which will transform ESM files to CJS). clean-publish
is a perfect place.
I am suggesting this API. package.json
:
"clean-publish": {
"beforeScript": "esm-compiler"
}
clean-publish
will call esm-compiler /home/ai/Dev/project/tmp-jv4j3hvj3
.
@shashkovdanil what do you think?
People don’t like to read docs. They mostly look for some simple way to get information. This is why small example will be great. It should show what exactly clean-publish
does and show benefits of using it.
New versions should be on top. Since most of the users will open this file to check changes in the latest release.
Need support --tag
. Command example:
npx dual-publish --tag beta
I want to use clean-publish
, so I add the publish
script to my package.json
:
"scripts": {
"publish": "clean-publish",
"postversion": "some postversion script",
"test": "some test script"
}
If I now run clean-publish --dry-run
(to see what gets exported), but the process gets caught in an endless loop.
I tried to investigate; when I look into the cleaned package.json
, I notice the following:
"scripts": {
"publish": "clean-publish",
"postversion": "some postversion script"
}
The publish
script isn't deleted and is thus being called over and over. Inside the temporary directory, I notice an endless tree of temporary directories.
Getting this vulnerability due to a dependency of clean-publish
. Though this problem only matters in devDependencies
, I feel it is better to resolve it as much as possible. I also verified that the latest version of yargs does not have this vulnerability.
Is it possible to update the dependency without breaking anything?
I want to use this tool alongside with np
, is it possible?
https://github.com/sindresorhus/np
And if answer is yes, then how?
np
supports argument --contents
to specify folder to publish, but clean-publish
creates temporary folder with a new name each time
I'm not sure about that and don't really understand what isTTY property stands for, but it looks like it might be false
even if no data provided in stdin - I've tested in github actions, and it fails with error
SyntaxError: Unexpected end of JSON input
at JSON.parse (<anonymous>)
at Socket.<anonymous> (/home/runner/work/dts-bundle-generator/dts-bundle-generator/node_modules/clean-publish/utils.js:43:29)
at Socket.emit (events.js:328:22)
at endReadableNT (_stream_readable.js:1201:12)
at processTicksAndRejections (internal/process/task_queues.js:84:21)`
clean-publish/clear-package-json.js
Lines 59 to 61 in aaafdd4
Related to actions/runner#241
@ai, не получается установить npm пользователя глобально. После перехода в tmp директорию и попытки выполнить npm publish
просит выполнить npm adduser
.
My package.json
contains {"postinstall": "simple-git-hooks && yarn-deduplicate --strategy fewer || exit 0"}
, it is unexpected to preserve on publishing.
I just found I could change it to prepare
, but it would be better to override this package's config.
To publish scoped packages we need to run npm publish --access=public
. So I suggest to add npx clean-publish --access=public
support.
/cc @shashkovdanil
Are these scripts necessary if --without-publish
is used?
version
postversion
postpack
prepublish
publish
postpublish
Is there any reason why in
clean-publish/clear-package-json.js
Line 76 in aaafdd4
process.exit()
instead of process.exit(1)
? For now this makes this script unusable in CI.Can we safely remove "files" from package.json
?
It works like .npmignore
, but in reverse.
I need to remove single file from within subfolder, but I cannot make this work... Is this possible somehow?
Good docs in the first section explain the reasons behind the tool and show some self-explain example
It allows you to specify a white list of files to publish
Hello! I've read about this package in @ai's twitter and tried to check the difference of published size for my package.
So, I use npm publish --dry-run
to check the list of file to publish and the final size of package. I think, the same mode for this package can be useful to emphasize difference between native publish and this package.
Example of dry-mod in npm:
➜ eslint-plugin-effector git:(master) ✗ npm publish --dry-run
npm notice 📦 [email protected]
npm notice === Tarball Contents ===
...
npm notice 2.0kB rules/no-ambiguity-target/no-ambiguity-target.js
...
npm notice === Tarball Details ===
npm notice name: eslint-plugin-effector
npm notice version: 0.3.1
npm notice package size: 8.4 kB
npm notice unpacked size: 34.8 kB
...
npm notice total files: 32
Реализовано:
npm publish
после копирования файлов и очистки package.jsonОсталось сделать:
npm-scripts.js
@ai, можешь пожалуйста провести код-ревью и посмотреть библиотеку?
Hello everyone, thank you for such a useful package!
Have you thought about separating the CLI API (handleOptions) of the JS API (run function content)?
And makes package.json exports.
I'll explain the motivation:
Right now, I'm using clean-publish in my CLI tools with a call to process.spawn and passing a bunch of arguments, and in monorepos with 50+ packages, such spawn becomes a liitle stuck.
I posted a draft of my thoughts here:
isuvorov@16477fc
I've solved my task, but maybe this will also be useful for you.
I can do this more neatly, write typings, add usage examples in the doc and makes PR.
The only question is, do you need such functionality in principle?
Всем привет, спасибо за такой полезный пакет!
А вы не думали над тем, чтобы отделить CLI API (handleOptions) от самой реализации JS API cleanPublish (в функциии run)?
И раздать его в package.json exports;
Поясню мотивацию:
Сейчас я использую clean-publish в своих CLI инструментах вызова process.spawn и передаю туда с кучей аргументов, и в монорепах с 50+ пакетами такой вызов становится ощутимый.
Драфт моих мыслей выложил тут:
isuvorov@16477fc
Свою задачу я решил, но может вам тоже будет это полезно.
Я могу сделать это более аккуратно, прописать тайпинги, добавить примеры использования в доку и сделать PR.
Вопрос только, нужен ли вам впринципи такой функционал?
Remove "scripts": {}
from package.json
Example:
test.js
// TODO: something
module.exports = {
env: {
browser: false,
node: true,
},
extends: ['airbnb-base', 'prettier'],
plugins: ['simple-import-sort', 'prettier'],
ignorePatterns: [
'**/node_modules/**',
'**/__*/**',
'**/lib/**',
'**/dist/**',
'**/build/**',
'**/coverage/**',
'**/public/**',
'!.gitlab-ci.js',
],
};
Expected result:
module.exports = {
env: {
browser: false,
node: true,
},
extends: ['airbnb-base', 'prettier'],
plugins: ['simple-import-sort', 'prettier'],
ignorePatterns: [
'**/node_modules/**',
'**/__*/**',
'**/lib/**',
'**/dist/**',
'**/build/**',
'**/coverage/**',
'**/public/**',
'!.gitlab-ci.js',
],
};
Actual result:
module.exports = {
env: {
browser: false,
node: true,
},
extends: ['airbnb-base', 'prettier'],
plugins: ['simple-import-sort', 'prettier'],
ignorePatterns: [
'**/node_modules
__*
lib
dist
build
coverage
public/**',
'!.gitlab-ci.js',
],
};
P.S.
For now I have turned off the option in projects, if no one takes it in 2 weeks I will fix the regular schedule at Christmas
Пока в проектах опцию выключил, если никто не возьмется за 2 недели пофикшу регулярку на рождественских
Currently the repo is ~30MB big.
./tmp
dir in the current dir is a bad idea since:
tmp/
dir will not be cleanedNode.js has a special API to create tmp dirs
Will it be a good idea to ignore ChangeLog. On one hand, npm force to put CHANGELOG to npm package. On the other, it is a huge file which very rarely is used from node_modules
.
When I run npx clean-publish --before-script ./node_modules/.bin/dual-publish
my script can’t print with color, chalk
do not see color support.
Seems like you need to replace exec
to spawn(cmd, { std: 'inherit' })
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.