It's odd that `npm publish` prompts for a 2FA on failure, but `npm dist-tag` doesn't.


(Isiah Meadows) #1

I just find this inconsistency a little odd.


(Lars Willighagen) #2

@zkat I started to implement this (with a util function to avoid repetition), but apparently the registry doesn’t return the same E401 messages for dist-tag? Or is that on the registry client? Edit: the response doesn’t seem to have a www-authenticate header, to be more specific.


(Kat Marchán) #3

nooo, don’t do this. This is already implemented in https://github.com/npm/cli/pull/2!!

I actually went through every command and made sure this OTP prompting was consistent. It’s just waiting for the PR to pass tests and for us to do a release.


(Lars Willighagen) #4

Oh lol, I even looked at that PR today — not closely enough, apparently. I guess it’s still a learning experience.


(Kat Marchán) #5

it’s never a waste to get a better understanding of a codebase :) I throw away swaths of code on the reg.