UNPKG

npm

Version:

a package manager for JavaScript

docs.npmjs.com

npm/cli

204 lines (111 loc) 4.91 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
--- title: npm-token section: 1 description: Manage your authentication tokens --- ### Synopsis ```bash npm token list npm token revoke <id|token> npm token create ``` Note: This command is unaware of workspaces. ### Description This lets you list, create and revoke authentication tokens. #### Listing tokens When listing tokens, an abbreviated token will be displayed. For security purposes the full token is not displayed. #### Generating tokens When generating tokens, you will be prompted you for your password and, if you have two-factor authentication enabled, an otp. Please refer to the [docs website](https://docs.npmjs.com/creating-and-viewing-access-tokens) for more information on generating tokens for CI/CD. #### Revoking tokens When revoking a token, you can use the full token (e.g. what you get back from `npm token create`, or as can be found in an `.npmrc` file), or a truncated id. If the given truncated id is not distinct enough to differentiate between multiple existing tokens, you will need to use enough of the id to allow npm to distinguish between them. Full token ids can be found on the [npm website](https://www.npmjs.com), or in the `--parseable` or `--json` output of `npm token list`. This command will NOT accept the truncated token found in the normal `npm token list` output. A revoked token will immediately be removed from the registry and you will no longer be able to use it. ### Configuration #### `name` * Default: null * Type: null or String When creating a Granular Access Token with `npm token create`, this sets the name/description for the token. #### `token-description` * Default: null * Type: null or String Description text for the token when using `npm token create`. #### `expires` * Default: null * Type: null or Number When creating a Granular Access Token with `npm token create`, this sets the expiration in days. If not specified, the server will determine the default expiration. #### `packages` * Default: * Type: null or String (can be set multiple times) When creating a Granular Access Token with `npm token create`, this limits the token access to specific packages. #### `packages-all` * Default: false * Type: Boolean When creating a Granular Access Token with `npm token create`, grants the token access to all packages instead of limiting to specific packages. #### `scopes` * Default: null * Type: null or String (can be set multiple times) When creating a Granular Access Token with `npm token create`, this limits the token access to specific scopes. Provide a scope name (with or without @ prefix). #### `orgs` * Default: null * Type: null or String (can be set multiple times) When creating a Granular Access Token with `npm token create`, this limits the token access to specific organizations. #### `packages-and-scopes-permission` * Default: null * Type: null, "read-only", "read-write", or "no-access" When creating a Granular Access Token with `npm token create`, sets the permission level for packages and scopes. Options are "read-only", "read-write", or "no-access". #### `orgs-permission` * Default: null * Type: null, "read-only", "read-write", or "no-access" When creating a Granular Access Token with `npm token create`, sets the permission level for organizations. Options are "read-only", "read-write", or "no-access". #### `cidr` * Default: null * Type: null or String (can be set multiple times) This is a list of CIDR address to be used when configuring limited access tokens with the `npm token create` command. #### `bypass-2fa` * Default: false * Type: Boolean When creating a Granular Access Token with `npm token create`, setting this to true will allow the token to bypass two-factor authentication. This is useful for automation and CI/CD workflows. #### `password` * Default: null * Type: null or String Password for authentication. Can be provided via command line when creating tokens, though it's generally safer to be prompted for it. #### `registry` * Default: "https://registry.npmjs.org/" * Type: URL The base URL of the npm registry. #### `otp` * Default: null * Type: null or String This is a one-time password from a two-factor authenticator. It's needed when publishing or changing package permissions with `npm access`. If not set, and a registry response fails with a challenge for a one-time password, npm will prompt on the command line for one. #### `read-only` * Default: false * Type: Boolean This is used to mark a token as unable to publish when configuring limited access tokens with the `npm token create` command. ### See Also * [npm adduser](/commands/npm-adduser) * [npm registry](/using-npm/registry) * [npm config](/commands/npm-config) * [npmrc](/configuring-npm/npmrc) * [npm owner](/commands/npm-owner) * [npm whoami](/commands/npm-whoami) * [npm profile](/commands/npm-profile)