Description
npm now asks to complete 2FA in the browser:
npm notice Publishing to https://registry.npmjs.org/ with tag latest and default access
Authenticate your account at:
https://www.npmjs.com/auth/cli/cda65f41-0edf4e1c6f4b
Press ENTER to open in the browser...
and I find this to be better than what np does:
? Select semver increment or specify new version major 4.0.0
✔ Prerequisite check
✔ Git
✔ Bumping version using npm
⠴ Publishing package using npm (waiting for input…)
→ ? Enter OTP:
Pushing tags
Creating release draft on GitHub
Is the feature request related to a problem?
Compare the two workflows:
- Press ENTER
- Click "Use security key" (on a pre-logged-in npmjs.com)
- Touch ID
with np's:
- Pick up phone
- Unlock it
- Find Authenticator
- Locate npm on the list
- Tap it
- cmd-v on the computer (via Continuity, if it works, within 4 seconds)
Possible implementation
I don't know, but it could skip the "Press enter to continue" step and just use open to open the browser and skip one more step.
Bonus points: this would also resolve another issue because "the notification" is the whole browser getting focus.
Issues
Potentially some people don't like this new workflow
sindresorhus / np
A better `npm publish`
7.6k
How does funding with Polar work?
1
Pay now to fund the work behind this issue.
2
Get updates on progress being made.
3
Maintainer is rewarded once the issue is completed.
FAQ
Backer
You're funding impactful open source efforts
Contributor
You want to contribute to this effort
Maintainer
You want to get funding like this too