Skip to content

Latest commit

 

History

History
30 lines (21 loc) · 1.26 KB

specify_flag_to_prohibit_upload_to_npm.md

File metadata and controls

30 lines (21 loc) · 1.26 KB

Specify Flag to Prohibit Upload to NPM

In your package.json file, you can specify a flag to prohibit uploading to NPM.

{
  "private": true
}

The default value for private is false. When set to true, it will prevent the package from being published to the NPM registry.

The challenge with the default is that it is not explicitly set, and it is easy to forget to set it. By setting it to true, you are explicitly stating that the package should not be published to the NPM registry.

The flag can be used with the license specification in the package.json file, for private packages.

{
  "private": true,
  "license": "UNLICENSED"
}

I believe generated packages have the license: ISC. This is a permissive license, but it is not suitable for all projects. By setting the license to UNLICENSED, you are explicitly stating that the package is not licensed for use by others.

Resources and References