-
Problem:It is opaque which service will receive credentials for "npm login". This can lead to leaked credentials. Logging into a non-standard registry is a 2-command process. Not only that, but one can be logged into multiple registries for various scopes. Give a multitude of registries, when I perform "npm login", depending on the flags, my credentials can be sent to a number of services. It would be nice to know exactly which one before credentials are entered. Solution:Currently:
Proposed:
|
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
Hi @rykov 😊 Thanks for the suggestion! We discussed it briefly during our OpenRFC meeting today and the consensus is that this is a very nice to have addition and one that is small enough to not warrant a full RFC, I've opened an issue in the cli repo so that we can track the working item in our backlog but it may also be contributed by the community: npm/cli#2071 |
Beta Was this translation helpful? Give feedback.
Hi @rykov 😊 Thanks for the suggestion!
We discussed it briefly during our OpenRFC meeting today and the consensus is that this is a very nice to have addition and one that is small enough to not warrant a full RFC, I've opened an issue in the cli repo so that we can track the working item in our backlog but it may also be contributed by the community: npm/cli#2071