NPM Releases

This page documents deployments using the next major version dpl v2, which currently is in a beta release phase. Please see our blog post for details. The current default version is dpl v1. Check dpl v1 documentation here.

Be sure to read the v2 deployment overview.

Travis CI can automatically release to NPM or another npm-like registry after a successful build.

For a minimal configuration, add the following to your .travis.yml:

  provider: npm
  api_token: <encrypted api_token>
  edge: true # opt in to dpl v2

Status #

Support for deployments to npm is *stable**.

Known options #

Use the following options to further configure the deployment.

email npm account email — type: string
api_token npm api token — required, secret, type: string, alias: api_key, note: can be retrieved from your local ~/.npmrc file, see:
access Access level — type: string, known values: public, private
registry npm registry url — type: string
src directory or tarball to publish — type: string, default: .
tag distribution tags to add — type: string
run_script run the given script from package.json — type: string or array of strings, note: skips running npm publish
dry_run performs test run without uploading to registry — type: boolean
auth_method Authentication method — type: string, known values: auth

Shared options #

cleanup Clean up build artifacts from the Git working directory before the deployment — type: boolean
run Commands to execute after the deployment finished successfully — type: string or array of strings

Environment variables #

All options can be given as environment variables if prefixed with NPM_.

For example, api_token can be given as NPM_API_TOKEN=<api_token>.

Securing secrets #

Secret option values should be given as either encrypted strings in your build configuration (.travis.yml file) or environment variables in your repository settings.

Environment variables can be set on the settings page of your repository, or using travis env set:

travis env set NPM_API_TOKEN <api_token>

In order to encrypt option values when adding them to your .travis.yml file use travis encrypt:

travis encrypt <api_token>

Or use --add to directly add it to your .travis.yml file. Note that this command has to be run in your repository’s root directory:

travis encrypt --add deploy.api_token <api_token>

NPM auth token #

Your NPM Auth token can be obtained the following ways:

Log in to your NPM account, and generate a new token at<user>/tokens, where <user> is the name of your user account.

Or use the NPM CLI command npm adduser to create a user, then open the ~/.npmrc file:

  • For NPM v2+, use the authToken value.
  • For NPM ~1, use the auth value.

Tagging releases #

You can automatically add npm distribution tags using the tag option:

  # ⋮
  tag: next

Note on .gitignore #

Note that npm deployment honors .gitignore if .npmignore does not exist. This means that if your build creates artifacts in places listed in .gitignore, they will not be included in the uploaded package.

See npm documentation for more details.

If your .gitignore file matches something that your build creates, use before_deploy to change its content, or create (potentially empty) .npmignore file to override it.

Troubleshooting “npm ERR! You need a paid account to perform this action.” #

npm assumes that scoped packages are private by default. You can explicitly tell npm your package is a public package and avoid this error by adding the following to your package.json file:

  "publishConfig": {
    "access": "public"

Deploying tags #

Most likely, you would only want to deploy when a new version of your package is cut.

To do this, you can include a tags condition like so:

  provider: npm
  # ⋮
    tags: true

If you tag a commit locally, remember to run git push --tags to ensure that your tags are uploaded to GitHub.

Pull Requests #

Note that pull request builds skip the deployment step altogether.

See also #