Skip to content

fix: change npm profile to create tokens with GAT support #8706

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
owlstronaut merged 3 commits into from
Nov 18, 2025
Merged

fix: change npm profile to create tokens with GAT support #8706

owlstronaut merged 3 commits into from
Nov 18, 2025
+646 −110

Conversation

@owlstronaut
Copy link
Contributor

@owlstronaut owlstronaut commented Oct 28, 2025
edited
Loading

This pull request introduces extensive enhancements to the npm token management command, adding support for creating Granular Access Tokens (GATs) with fine-grained permissions. It updates the CLI interface, configuration, and documentation to allow users to specify token details such as name, description, expiration, package/scope/org restrictions, permission levels, and bypassing two-factor authentication. The changes also improve error messaging and ensure all new options are reflected in the config and docs.

Needs npm/npm-profile#175 changes/release before this will work.

@owlstronaut owlstronaut changed the title feat: Adds Granular Access Token (GAT) support to npm token command feat!: Adds Granular Access Token (GAT) support to npm token command Oct 28, 2025
@owlstronaut owlstronaut force-pushed the owlstronaut/gat-create-support branch from dfcfec9 to ff27b2a Compare October 29, 2025 16:40
@owlstronaut owlstronaut changed the title feat!: Adds Granular Access Token (GAT) support to npm token command fix: Uses the npm-profile package to create tokens with GAT support Oct 29, 2025
@owlstronaut owlstronaut force-pushed the owlstronaut/gat-create-support branch 2 times, most recently from e1966ed to 12e237f Compare October 31, 2025 16:52
@wraithgar wraithgar mentioned this pull request Nov 10, 2025
Closed
wraithgar
wraithgar reviewed Nov 10, 2025
View reviewed changes
workspaces/config/lib/definitions/definitions.js
Show extended information in \`ls\`, \`search\`, and \`help-search\`.
`,
}),
name: new Definition('name', {
Copy link
Member

@wraithgar wraithgar Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we may want to namespace a few of these to gat-, if not all of them.

@wraithgar wraithgar force-pushed the owlstronaut/gat-create-support branch from 12e237f to a0b368f Compare November 10, 2025 18:46
@wraithgar
Copy link
Member

wraithgar commented Nov 17, 2025

Updated to just use npm-registry-fetch. Tests still need updating.

@wraithgar wraithgar force-pushed the owlstronaut/gat-create-support branch 2 times, most recently from 2010c96 to 553d993 Compare November 17, 2025 22:01
@wraithgar wraithgar changed the title fix: Uses the npm-profile package to create tokens with GAT support fix: change npm profile to create tokens with GAT support Nov 17, 2025
@wraithgar wraithgar force-pushed the owlstronaut/gat-create-support branch from 553d993 to 709425b Compare November 18, 2025 17:59
@owlstronaut owlstronaut marked this pull request as ready for review November 18, 2025 18:47
@owlstronaut owlstronaut requested a review from a team as a code owner November 18, 2025 18:47
@owlstronaut owlstronaut merged commit c6242d9 into latest Nov 18, 2025
46 checks passed
@owlstronaut owlstronaut deleted the owlstronaut/gat-create-support branch November 18, 2025 22:00
@github-actions github-actions bot mentioned this pull request Nov 18, 2025
Merged
@npm-cli-bot npm-cli-bot mentioned this pull request Nov 19, 2025
Merged
@cs5vsm99xq-wq
Copy link

cs5vsm99xq-wq commented Jan 20, 2026

This pull request introduces extensive enhancements to the npm token management command, adding support for creating Granular Access Tokens (GATs) with fine-grained permissions. It updates the CLI interface, configuration, and documentation to allow users to specify token details such as name, description, expiration, package/scope/org restrictions, permission levels, and bypassing two-factor authentication. The changes also improve error messaging and ensure all new options are reflected in the config and docs.

Needs npm/npm-profile#175 changes/release before this will work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wraithgar wraithgar wraithgar left review comments

@nishantms nishantms nishantms approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@owlstronaut @wraithgar @cs5vsm99xq-wq @nishantms