fix(auth): throw appropriate error when auth context fails to enable publishing

travi · travi · commit f5c8d853bb1b · 2025-08-01T17:04:11.000-05:00
diff --git a/lib/definitions/errors.js b/lib/definitions/errors.js
@@ -45,7 +45,7 @@ Please make sure to create an [npm token](https://docs.npmjs.com/getting-started
   };
 }
 
-export function EINVALIDNPMAUTH({ registry }) {
+export function EINVALIDNPMAUTH() {
   return {
     message: "Invalid npm authentication.",
     details: `The [authentication required to publish](${linkify(
diff --git a/lib/verify-auth.js b/lib/verify-auth.js
@@ -2,6 +2,12 @@ import { execa } from "execa";
 import normalizeUrl from "normalize-url";
 import AggregateError from "aggregate-error";
 import getRegistry from "./get-registry.js";
+import setNpmrcAuth from "./set-npmrc-auth.js";
+import getError from "./get-error.js";
+
+function registryIsDefault(registry, DEFAULT_NPM_REGISTRY) {
+  return normalizeUrl(registry) === normalizeUrl(DEFAULT_NPM_REGISTRY);
+}
 
 export default async function (npmrc, pkg, context) {
   const {
@@ -14,7 +20,7 @@ export default async function (npmrc, pkg, context) {
 
   // await setNpmrcAuth(npmrc, registry, context);
 
-  if (normalizeUrl(registry) === normalizeUrl(DEFAULT_NPM_REGISTRY)) {
+  if (registryIsDefault(registry, DEFAULT_NPM_REGISTRY)) {
   //   try {
     const publishDryRunResult = execa("npm", ["publish", "--dry-run", "--tag=semantic-release-auth-check"], {cwd, env, preferLocal: true, lines: true});
   //     const whoamiResult = execa("npm", ["whoami", "--userconfig", npmrc, "--registry", registry], {
@@ -27,14 +33,14 @@ export default async function (npmrc, pkg, context) {
   //     await whoamiResult;
     publishDryRunResult.stdout.pipe(stdout, { end: false });
     publishDryRunResult.stderr.pipe(stderr, { end: false });
-    const {stderr: execaStderr} = await publishDryRunResult;
-    execaStderr.forEach((line) => {
-      if (line.includes("This command requires you to be logged in to https://registry.npmjs.org/")) {
-        throw new AggregateError([new Error('no auth context')]);
+
+    (await publishDryRunResult).stderr.forEach((line) => {
+      if (line.includes("This command requires you to be logged in to ")) {
+        throw new AggregateError([getError("EINVALIDNPMAUTH" )]);
       }
     })
   //   } catch {
-  //     throw new AggregateError([getError("EINVALIDNPMTOKEN", { registry })]);
+  //     throw new AggregateError([getError("EINVALIDNPMAUTH", { registry })]);
   //   }
   }
 }
diff --git a/test/integration.test.js b/test/integration.test.js
@@ -107,8 +107,8 @@ test("Throws error if NPM token is invalid", async (t) => {
   );
 
   t.is(error.name, "SemanticReleaseError");
-  t.is(error.code, "EINVALIDNPMTOKEN");
-  t.is(error.message, "Invalid npm token.");
+  t.is(error.code, "EINVALIDNPMAUTH");
+  t.is(error.message, "Invalid npm authentication.");
 });
 
 test("Skip Token validation if the registry configured is not the default one", async (t) => {

Original file line number	Diff line number	Diff line change
`@@ -45,7 +45,7 @@ Please make sure to create an [npm token](https://docs.npmjs.com/getting-started`
`45`	`45`	`};`
`46`	`46`	`}`
`47`	`47`
`48`		`-export function EINVALIDNPMAUTH({ registry }) {`
	`48`	`+export function EINVALIDNPMAUTH() {`
`49`	`49`	`return {`
`50`	`50`	`message: "Invalid npm authentication.",`
`51`	`51`	details: `The [authentication required to publish](${linkify(