You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This feature is important to have in this repository; a contrib plugin wouldn't do
Describe the user story
Currently when publishing a package by using yarn npm publish is very unclear which version got published.
This is basically the output of a yarn npm publish:
➤ YN0000: package.json
➤ YN0000: readme/roadmap.md
➤ YN0000: Package archive published
➤ YN0000: Done in 1s 832ms
Describe the solution you'd like
This is how the same file contents looked with only npm publish:
I can see a couple more information being useful, but not everything npm displays.
Unlike npm we also tend to differentiate between the output for humans vs the output for robots (--json). Things like the shasum probably make more sense for the latter than the former.
That being said, name / version / tag name / publish registry are probably safe to show on the regular output - perhaps by reusing the new tree display we use in commands like yarn npm audit (in 4.x).
Hi, wanted to chime in on another need for this functionality in case it's helpful.
We're looking to generate SLSA provenance for our packages published using the yarn npm publish command. Since yarn doesn't support the --provenance option that's available in npm, we'll need to generate provenance manually using the generic SLSA provenance generator with the shasum of the package.
However, yarn npm publish packs the workspace and publishes the package in a single step, and that artifact isn't written anywhere locally, so we can't manually calculate the shasum for the generated package ourselves. It'd be incredibly useful if yarn npm publish output the shasum information (even if it's just part of a --json output) after the publish runs, as there really isn't any other way we can access it (unless there are workarounds I'm not aware of?)
Describe the user story
Currently when publishing a package by using
yarn npm publish
is very unclear which version got published.This is basically the output of a
yarn npm publish
:Describe the solution you'd like
This is how the same file contents looked with only
npm publish
:Describe the drawbacks of your solution
It may be slower to gather the archive or package details. But nothing else
Describe alternatives you've considered
Why not making it a plugin?
The text was updated successfully, but these errors were encountered: