yarnpkg / berry

📦🐈 Active development trunk for Yarn ⚒
https://yarnpkg.com
BSD 2-Clause "Simplified" License

[Feature] Output published package info in output #5649

Open ironicnet opened 1 year ago

ironicnet commented 1 year ago

Describe the user story

Currently, when publishing a package using yarn npm publish, it is very unclear which version got published. This is basically the output of a yarn npm publish:

➤ YN0000: package.json
➤ YN0000: readme/roadmap.md
➤ YN0000: Package archive published
➤ YN0000: Done in 1s 832ms

Describe the solution you'd like

This is how the same file contents looked with only npm publish:

npm notice 3.6kB   package.json                                                    
npm notice 5.3kB   readme/roadmap.md                                               
npm notice === Tarball Details === 
npm notice name:          @scope/package-name                         
npm notice version:       1.33.0-beta2376675.0                       
npm notice filename:      @scope/package-name-1.33.0-beta2376675.0.tgz
npm notice package size:  92.3 kB                                    
npm notice unpacked size: 435.5 kB                                   
npm notice shasum:        108cb5fd34eb83096aea56d36f6cf4ba1208a134   
npm notice integrity:     sha512-sdMJO9hsu7Z+J[...]XGwdWPzXgrZ8g==   
npm notice total files:   227                                        
npm notice 
npm notice Publishing to https://artifactory.domain/artifactory/api/npm/scope/
+ @scope/package-name@1.33.0-beta2376675.0

Describe the drawbacks of your solution

It may be slower to gather the archive or package details. But nothing else.

Describe alternatives you've considered

Why not making it a plugin?

ironicnet commented 1 year ago

Currently the makePublishBody already has almost all the info we need.

We are calling the makePublishBody from the publish command. So we should return that after the await and print it:

arcanis commented 1 year ago

I can see a couple more pieces of information being useful, but not everything npm displays.

Unlike npm we also tend to differentiate between the output for humans vs the output for robots (--json). Things like the shasum probably make more sense for the latter than the former.

That being said, name / version / tag name / publish registry are probably safe to show on the regular output - perhaps by reusing the new tree display we use in commands like yarn npm audit (in 4.x).

rsoberano-ld commented 1 year ago

Hi, wanted to chime in on another need for this functionality in case it's helpful.

We're looking to generate SLSA provenance for our packages published using the yarn npm publish command. Since yarn doesn't support the --provenance option that's available in npm, we'll need to generate provenance manually using the generic SLSA provenance generator with the shasum of the package.

However, yarn npm publish packs the workspace and publishes the package in a single step, and that artifact isn't written anywhere locally, so we can't manually calculate the shasum for the generated package ourselves. It'd be incredibly useful if yarn npm publish output the shasum information (even if it's just part of a --json output) after the publish runs, as there really isn't any other way we can access it (unless there are workarounds I'm not aware of?)
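The shasum and integrity lines in the npm output quoted in this issue, and the digest a provenance generator needs, are all hashes of the same archive bytes. The following is an added example, not code from yarn, npm or any participant in this thread, showing how those values are derived and checked; the function and field names are hypothetical, and the SHA-256 subject line assumes the provenance tool identifies artifacts by SHA-256.

```javascript
// Added example, not yarn or npm source. Function and field names are hypothetical.
const crypto = require("node:crypto");

// Hex SHA-1 of the archive bytes: the value npm labels "shasum".
function shasum(tarball) {
  return crypto.createHash("sha1").update(tarball).digest("hex");
}

// SRI string "<algorithm>-<base64 digest>": the value npm labels "integrity".
function integrity(tarball, algorithm = "sha512") {
  const digest = crypto.createHash(algorithm).update(tarball).digest("base64");
  return `${algorithm}-${digest}`;
}

// Recompute an SRI string over the bytes in hand and compare.
// Unknown algorithms and malformed strings fail closed.
function verifyIntegrity(tarball, sri) {
  const match = /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})$/.exec(sri);
  if (!match) return false;
  const expected = Buffer.from(match[2], "base64");
  const actual = crypto.createHash(match[1]).update(tarball).digest();
  return expected.equals(actual);
}

// One line in `sha256sum` output format ("<hex>  <filename>").
// Assumption: the provenance subject is identified by SHA-256.
function sha256Subject(tarball, filename) {
  const hex = crypto.createHash("sha256").update(tarball).digest("hex");
  return `${hex}  ${filename}`;
}

// Machine-readable record a publish step could emit for the archive it uploaded.
function tarballDetails(tarball, filename) {
  return {
    filename,
    size: tarball.length,
    shasum: shasum(tarball),
    integrity: integrity(tarball),
    sha256Subject: sha256Subject(tarball, filename),
  };
}

// Constructed stand-in for archive bytes; a real caller passes the packed .tgz buffer.
const sample = Buffer.from("abc");
console.log(JSON.stringify(tarballDetails(sample, "example-1.0.0.tgz"), null, 2));
```

The digests only describe the published artifact if they are computed over the exact buffer that is uploaded, which is why the thread asks for them to come from the publish step itself.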