Set up NPM packaging as a private package #31
Merged
+52
−14
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Addresses ENG-1642. Includes updates to package.json (prepublishOnly script, GPLv3 license, "p0" entrypoint, packaged files) needed in order to serve package on NPM. Note that currently it is published as @komaldhull/p0cli, a private package under my NPM user. This is just for testing purposes. When we are ready to make it public, I have created an organization called "p0security", and we can publish it under @p0security/p0cli. The ticket ENG-1531 captures this TODO. Also adds a Github workflow to publish the package to NPM when a github release is published.
Tested via installing the CLI using npm install -g (if you send me your NPM username, I can add you to the private package so you can test as well), and tested the workflow by triggering it manually and verifying that publish succeeds.