Publishing Guide
This guide covers how to publish @libar-dev/delivery-process to npm.
Prerequisites
Section titled “Prerequisites”- npm account with access to
@libar-devorganization - Logged in to npm:
npm login - All tests passing:
pnpm test
Version Strategy
Section titled “Version Strategy”We use semantic versioning with pre-release tags:
| Tag | Purpose | Install Command |
|---|---|---|
latest | Stable releases | npm i @libar-dev/delivery-process |
pre | Pre-releases (1.0.0-pre) | npm i @libar-dev/delivery-process@pre |
Publishing Workflow
Section titled “Publishing Workflow”Pre-releases (Recommended for Initial Releases)
Section titled “Pre-releases (Recommended for Initial Releases)”Pre-releases allow testing before marking as stable.
# First pre-release (e.g., 1.0.0-pre.0)npm version 1.0.0-pre.0 --no-git-tag-versiongit add package.jsongit commit -m "chore: prepare 1.0.0-pre.0"git tag v1.0.0-pre.0git push && git push --tags
# Publish to npm with 'pre' tagnpm publish --tag pre --access publicSubsequent Pre-releases
Section titled “Subsequent Pre-releases”# Bump pre-release version (1.0.0-pre.0 → 1.0.0-pre.1)pnpm release:prenpm publish --tag pre --access publicStable Releases
Section titled “Stable Releases”Before the first stable release, update publishConfig in package.json:
- Remove
"tag": "pre"frompublishConfig(or change to"tag": "latest") - Verify with
npm publish --dry-run --access public(should show taglatest, notpre)
If you skip this step, stable versions will be published under the pre dist-tag and users running npm install @libar-dev/delivery-process won’t get them.
# Patch release (1.0.0 → 1.0.1)pnpm release:patchnpm publish --access public
# Minor release (1.0.0 → 1.1.0)pnpm release:minornpm publish --access public
# Major release (1.0.0 → 2.0.0)pnpm release:majornpm publish --access publicAutomated Publishing (GitHub Actions)
Section titled “Automated Publishing (GitHub Actions)”The repository includes a GitHub Actions workflow that publishes automatically when you create a GitHub release:
- Go to GitHub → Releases → “Create a new release”
- Create a tag (e.g.,
v1.0.0-pre.0) - Check “Set as a pre-release” for pre-releases
- Click “Publish release”
The workflow will:
- Build the package fresh (
pnpm build) - Run tests
- Publish to npm with the appropriate tag (
prefor pre-releases,latestfor stable) - Include provenance attestation for supply chain security
Required secret: NPM_TOKEN - npm automation token with publish permissions.
Pre-commit and Pre-push Hooks
Section titled “Pre-commit and Pre-push Hooks”The repository uses Husky for git hooks:
Pre-commit
Section titled “Pre-commit”- Runs
lint-staged(ESLint + Prettier on staged files) - Runs
typecheck - Runs
lint:process(FSM validation on staged files)
Pre-push
Section titled “Pre-push”- Runs full test suite
Dry Run
Section titled “Dry Run”Always test with --dry-run before publishing:
npm publish --dry-run --tag pre --access publicThis shows what would be published without actually publishing.
Verifying a Published Package
Section titled “Verifying a Published Package”After publishing, verify the package:
# Check npm registrynpm view @libar-dev/delivery-process
# Check dist-tagsnpm view @libar-dev/delivery-process dist-tags
# Install in a test projectmkdir /tmp/test-install && cd /tmp/test-installnpm init -ynpm install @libar-dev/delivery-process@preTroubleshooting
Section titled “Troubleshooting”npm publish fails with authentication error
Section titled “npm publish fails with authentication error”npm loginnpm whoami # Verify you're logged inPackage not found after publishing
Section titled “Package not found after publishing”npm can take a few minutes to propagate. If still not found:
npm cache clean --forcenpm view @libar-dev/delivery-process