npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

It's odd that `npm publish` prompts for a 2FA on failure, but `npm dist-tag` doesn't.

I just find this inconsistency a little odd.


@zkat I started to implement this (with a util function to avoid repetition), but apparently the registry doesn’t return the same E401 messages for dist-tag? Or is that on the registry client? Edit: the response doesn’t seem to have a www-authenticate header, to be more specific.


nooo, don’t do this. This is already implemented in https://github.com/npm/cli/pull/2!!

I actually went through every command and made sure this OTP prompting was consistent. It’s just waiting for the PR to pass tests and for us to do a release.


Oh lol, I even looked at that PR today — not closely enough, apparently. I guess it’s still a learning experience.


it’s never a waste to get a better understanding of a codebase :) I throw away swaths of code on the reg.