Support 2fa / otp when publishing

boltpkg / bolt

⚡️ Super-powered JavaScript project management

MIT License

2.35k stars 82 forks source link

Support 2fa / otp when publishing #202

Open jesstelford opened 6 years ago

jesstelford commented 6 years ago

There's currently no way to pass a OTP password to npm when running bolt publish.

Looks like adding the tty: true option within bolt might allow entering a OTP on the cli whenever npm asks for it?

These output pipelines might also have to be disabled, otherwise the terminal may get all screwy.

mxstbr commented 6 years ago

Ahhh I didn't see this before setting up my entire repo with bolt, but now I can't publish anything since I have 2FA enabled :cry: Any workarounds?

Probably also related to #163? That would allow one to just pass the --otp flag I think.

mxstbr commented 6 years ago

This workaround worked! :tada: https://github.com/lerna/lerna/issues/1091

NPM_CONFIG_OTP=123456 bolt publish

jesstelford commented 6 years ago

Nice find!

🤔 As mentioned in that thread; There's a situation where a long running publish (or prepublish) step can result in an expired OTP by the time it makes its way to npm.