Authenticate via Username / Password
db5rg3ss opened this issue · 2 comments
It would be nice to be able to authenticate via your npm username and password.
The npm publish command uses your NPM token to authenticate. It does not use your username/password That's why this module needs your NPM token.
It might be possible to have the module run the npm login command and feed your username/password into it via STDIN. However, this would be less secure, since it could potentially expose your NPM credentials. In addition, the npm login command writes your NPM token to the ~/.npmrc file, which is also less secure since any other action can then access the token.
Thanks for the request, but I'm going to take the opinionated stance that username/password auth to npm in CI is not a good idea from a security standpoint, and this action should not support it