Skip to content

VincentZyuApps/qwq-npm-test

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

19 Commits
.github/workflows
.github/workflows
Β 
Β 
.gitignore
.gitignore
Β 
Β 
index.js
index.js
Β 
Β 
package.json
package.json
Β 
Β 
readme.md
readme.md
Β 
Β 
test.js
test.js
Β 
Β 

Repository files navigation

qwq-npm-test

qwq-npm-test

πŸ§ͺ A sandbox repository for evaluating GitHub Actions CI/CD workflows within the npm ecosystem. πŸ“¦

npm-unscoped npm-scoped github-packages

CI Status

πŸ“Š Package Overview

Registry Package Type Badge
npmjs.org qwq-npm-test πŸ“¦ npm Unscoped npm version npm downloads
npmjs.org @vincentzyuapps/qwq-npm-test-scoped 🏷️ npm Scoped npm scoped version npm scoped downloads
GitHub Packages @vincentzyuapps/qwq-npm-test-scoped πŸ™ GitHub Packages Scoped GitHub Package

πŸ“š Package Types Explained

This project publishes 3 packages across 2 registries. Here's what each means:

πŸ“¦ npm Unscoped 🏷️ npm Scoped πŸ™ GitHub Packages Scoped
Package name qwq-npm-test @vincentzyuapps/qwq-npm-test-scoped @vincentzyuapps/qwq-npm-test-scoped
Registry npmjs.org npmjs.org npm.pkg.github.com
Default visibility Public Private (need --access public) Private (org-scoped)
Name uniqueness Global β€” first come, first served Under @owner namespace β€” no conflicts with other orgs Under GitHub org namespace
Auth NPM_TOKEN NPM_TOKEN GITHUB_TOKEN
Publish command npm publish npm publish --access public npm publish --registry https://npm.pkg.github.com

πŸ“¦ npm Unscoped

Packages without a @scope prefix have a globally unique name β€” once qwq-npm-test is taken, nobody else can publish under that name. They are always public and can be installed with npm install qwq-npm-test.

🏷️ npm Scoped

Scoped packages follow the format @owner/package-name. The name only needs to be unique within your scope, so you don't have to worry about name squatting. However, npm scoped packages are private by default β€” you need --access public to share them publicly. Install with npm install @vincentzyuapps/qwq-npm-test-scoped.

πŸ™ GitHub Packages Scoped

GitHub Packages also uses npm-compatible scoped names (@owner/name), but it points to GitHub's own registry (npm.pkg.github.com) instead of npmjs.org. It uses GITHUB_TOKEN for authentication, which is automatically available in GitHub Actions β€” no manual token setup needed. Great for keeping packages private within your organization while still using npm install.

πŸ“¦ Manual Publish to npm

# 1. Initialize
npm init -y
# 2. Login to npm (use proxychains or env proxy if needed)
npm login --registry https://registry.npmjs.org
# 3. Create .npmrc in project root, write:
#    //registry.npmjs.org/:_authToken=npm_xxxxx (Access Token from npm website)
echo "//registry.npmjs.org/:_authToken=npm_xxxxx" > .npmrc
# 4. Test
npm test
# 5. Publish unscoped package
npm publish --registry https://registry.npmjs.org
# 6. Publish scoped package
npm pkg set name=@vincentzyuapps/qwq-npm-test-scoped
npm publish --registry https://registry.npmjs.org --access public
# 7. Publish scoped package to GitHub Packages
# ... wait, why not use GitHub Actions CI?

πŸ€– Auto Publish via GitHub Actions

Prerequisites: Add these secrets in GitHub repo Settings β†’ Secrets and variables β†’ Actions β†’ New repository secret:

  • NPM_TOKEN β€” npm token with publish permission for both qwq-npm-test and @vincentzyuapps/qwq-npm-test-scoped
# 1. Init Git repo
git init
git remote add origin git@github.com:VincentZyuApps/qwq-npm-test.git
# 2. Commit and bump version
git add .
git commit -m "chore: save changes before version bump"
npm version patch
# 3. Commit again (message must start with "pub" to trigger publish)
git add .
git commit -m "pub qwq"
# 4. Push
git push -u origin master

πŸ”‘ NPM Token Setup

Field Value
Token type Granular Access Token
βœ” Bypass 2FA Required
Packages β†’ Permissions Read and write
Packages β†’ Scope All packages or include both qwq-npm-test and @vincentzyuapps/qwq-npm-test-scoped
Organizations No access
Expiration No expiration or 90 days recommended

After generating, add NPM_TOKEN in GitHub repo Settings β†’ Secrets and variables β†’ Actions.

βš™οΈ Notes

When pushing to master or main, GitHub Actions checks the commit message:

  • starts with pub (case-insensitive) β†’ auto publishes 3 packages across npmjs.org and GitHub Packages
  • otherwise β†’ skip

πŸ” CI Workflow

flowchart TD
    Push["πŸš€ Push<br>git push master / main"] --> Check["πŸ” Check<br>check-commit"]
    Check --> Q{"❓ Commit starts with 'pub'?"}
    Q -->|No| Done1["βœ… Done"]
    Q -->|Yes| Test["πŸ§ͺ Test<br>npm test"]
    Test -->|Fail| Fail["❌ Abort"]
    Test -->|Pass| Pub1["**πŸ“¦ Unscoped**<br>*npmjs.org*<br>qwq-npm-test"]
    Test -->|Pass| Pub2["**🏷️ Scoped**<br>*npmjs.org*<br>@vincentzyuapps/qwq-npm-test-scoped"]
    Test -->|Pass| Pub3["**πŸ™ GitHub Packages**<br>*npm.pkg.github.com*<br>@vincentzyuapps/qwq-npm-test-scoped"]
Loading





qwq-npm-test

About

πŸ§ͺ A sandbox repository for evaluating GitHub Actions CI/CD workflows within the npm ecosystem. πŸ“¦

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages