Publishing Your First NPM Package
This guide walks you through the complete process of publishing your first NPM package, drawing from my experience publishing the following packages:
@qzi/hexo-word-counter : switch to wasm and enhance the bun compatible@qzi/hexo : enhance the bun compatible and cloudflare pages support of hexohexo-theme-tweet : a concise twitter-like theme for hexo
Understanding the NPM Publish Lifecycle
---
config:
theme: 'base'
flowchart:
nodeSpacing: 5
rankSpacing: 15
padding: 5
diagramPadding: 5
themeVariables:
primaryColor: 'transparent'
primaryTextColor: '#c9d1d9'
primaryBorderColor: '#767677ff'
lineColor: '#6a9fb5'
secondaryColor: 'transparent'
tertiaryColor: 'transparent'
mainBkg: 'transparent'
nodeBorder: 'transparent'
edgeLabelBackground: 'transparent'
edgeLabelColor: '#c9d1d9'
labelBackground: 'transparent'
labelBoxBkgColor: 'transparent'
labelBoxBorderColor: 'transparent'
clusterBkg: 'transparent'
fontSize: '18px'
title: Lifecycle of Npm Publish
---
graph TB
prepublish --> prepare
prepare --> prepublishOnly
prepublishOnly --> prepack
prepack --> postpack
postpack --> publish
publish --> postpublishKey Lifecycle Scripts
prepare: Runs beforenpm publishand on localnpm install(without arguments). This is the best place for build steps (e.g., compiling TypeScript, building WASM) that need to run before the package can be used.prepublishOnly: Runs only beforenpm publish. Use this for steps that should solely happen before publishing, such as running tests (npm test) or linting (npm run lint).
Publishing Your First Package
In this section:
- Login to NPM Registry
- Publishing Your First NPM Package
Login to NPM Registry
Before publishing, you need to authenticate with the NPM Registry. This is a one-time setup that stores your credentials locally.
1 | ❯ npm login |
Publishing Your First NPM Package
Publish your public package to the NPM Registry for free.
1 | ❯ npm publish --access public |
Unpublish Your Published NPM Package
NPM Registry allows you to unpublish specific versions of your package.
1 | ❯ npm unpublish @qzi/hexo-word-counter@0.2.2 --force |
Patch Versioning
Patch versioning is used to release bug fixes.
1 | # patch versioning from v0.1.0 to v0.1.1 |
Dry Run NPM Command
Dry run is a feature that allows you to test a command without actually running it.
We can use it to test the package command without actually packaging before publishing.
--dry-run
Default: false
Type: Boolean
Indicates that you don’t want npm to make any changes and that it should only report what it would have done. This can be passed into any of the commands that modify your local installation, eg, install, update, dedupe, uninstall, as well as pack and publish.
1 | ❯ npm pack --dry-run 2>&1 |
NPM Package Name Aliasing
npm install <alias>@npm:<name>
Installing a package under a custom alias allows you to:
- Use multiple versions of the same package side-by-side.
- Create shorter names for packages with long import paths.
- Replace dependencies easily with git forks or forked npm packages.
Note: Aliasing only works on your project and does not rename packages in transitive dependencies. Aliases should follow the naming conventions stated in
validate-npm-package-name.
Examples:
1 | # package.json |
Then in a direct dependency of your project, you can import the package like this:
1 | // Your code imports from "hexo", but it actually uses @qzi/hexo under the hood |
References
- npm-scripts | npm Docs: Official documentation for npm scripts.
- npm-publish | npm Docs: Documentation for the npm publish command.
- npm-scope | npm Docs: Documentation on using scoped packages in npm.
- npm-install | npm Docs: Documentation for npm install, including package aliasing.
- validate-npm-package-name | npm: Package for validating npm package names.