It's odd that `npm publish` prompts for a 2FA on failure, but `npm dist-tag` doesn't.

(Isiah Meadows) #1

I just find this inconsistency a little odd.

(Lars Willighagen) #2

@zkat I started to implement this (with a util function to avoid repetition), but apparently the registry doesn’t return the same E401 messages for dist-tag? Or is that on the registry client? Edit: the response doesn’t seem to have a www-authenticate header, to be more specific.

(Kat Marchán) #3

nooo, don’t do this. This is already implemented in!!

I actually went through every command and made sure this OTP prompting was consistent. It’s just waiting for the PR to pass tests and for us to do a release.

(Lars Willighagen) #4

Oh lol, I even looked at that PR today — not closely enough, apparently. I guess it’s still a learning experience.

(Kat Marchán) #5

it’s never a waste to get a better understanding of a codebase :) I throw away swaths of code on the reg.