选择 CLI 版本:



npm access list packages [<user>|<scope>|<scope:team> [<package>]
npm access list collaborators [<package> [<user>]]
npm access get status [<package>]
npm access set status=public|private [<package>]
npm access set mfa=none|publish|automation [<package>]
npm access grant <read-only|read-write> <scope:team> [<package>]
npm access revoke <scope:team> [<package>]


Note: This command is unaware of workspaces.




Used to set access controls on private packages.

对于所有子命令,如果没有将包名传递给子命令,npm access 将对当前工作目录中的包执行操作。

For all of the subcommands, npm access will perform actions on the packages in the current working directory if no package name is passed to the subcommand.

  • public / restricted(已弃用):将包设置为可公开访问或受限制。

    public / restricted (deprecated): Set a package to be either publicly accessible or restricted.

  • grant / revoke(已弃用):添加或删除用户和团队对包具有只读或读写访问权限的能力。

    grant / revoke (deprecated): Add or remove the ability of users and teams to have read-only or read-write access to a package.

  • 2fa-required / 2fa-not-required(已弃用):配置包是否要求发布它的任何人在其账户上启用双重身份验证。

    2fa-required / 2fa-not-required (deprecated): Configure whether a package requires that anyone publishing it have two-factor authentication enabled on their account.

  • ls-packages(已弃用):显示用户或团队能够访问的所有包以及访问级别,只读公共包除外(它不会打印整个注册表列表)

    ls-packages (deprecated): Show all of the packages a user or a team is able to access, along with the access level, except for read-only public packages (it won't print the whole registry listing)

  • ls-collaborators(已弃用):显示包的所有访问权限。只会显示你至少具有读取权限的包的权限。如果传入 <user>,则列表仅过滤到用户恰好属于的团队。

    ls-collaborators (deprecated): Show all of the access privileges for a package. Will only show permissions for packages to which you have at least read access. If <user> is passed in, the list is filtered only to teams that user happens to belong to.

  • edit(未实现)

    edit (not implemented)



npm access 始终直接在当前注册表上运行,可以使用 --registry=<registry url> 从命令行进行配置。

npm access always operates directly on the current registry, configurable from the command line using --registry=<registry url>.


Unscoped packages are always public.

范围包默认为受限,但你可以使用 npm publish --access=public 将它们发布为公共,或者在初始发布后使用 npm access public 将其访问权限设置为公共。

Scoped packages default to restricted, but you can either publish them as public using npm publish --access=public, or set their access as public using npm access public after the initial publish.


You must have privileges to set the access of a package:

  • 你是无范围或范围包的所有者。

    You are an owner of an unscoped or scoped package.

  • 你是拥有范围的团队的成员。

    You are a member of the team that owns a scope.

  • 作为团队成员或直接作为所有者,你已获得包的读写权限。

    You have been given read-write privileges for a package, either as a member of a team or directly as an owner.

如果你启用了双重身份验证,系统会提示你提供第二个因素,或者可以使用 --otp=... 选项在命令行上指定它。

If you have two-factor authentication enabled then you'll be prompted to provide a second factor, or may use the --otp=... option to specify it on the command line.

如果你的账户未付款,则除非你使用 --access=public,否则尝试发布范围包将失败并返回 HTTP 402 状态代码(从逻辑上讲)。

If your account is not paid, then attempts to publish scoped packages will fail with an HTTP 402 status code (logically enough), unless you use --access=public.

团队和团队成员的管理是使用 npm team 命令完成的。

Management of teams and team memberships is done with the npm team command.




  • 默认值:false

    Default: false

  • 类型:布尔值

    Type: Boolean

是否输出 JSON 数据,而不是正常输出。

Whether or not to output JSON data, rather than the normal output.

  • npm pkg set 中,它可以使用 JSON.parse() 解析集合值,然后再将它们保存到你的 package.json

    In npm pkg set it enables parsing set values with JSON.parse() before saving them to your package.json.

并非所有 npm 命令都支持。

Not supported by all npm commands.


  • 默认值:null

    Default: null

  • 类型:空值或字符串

    Type: null or String

这是来自双重身份验证器的一次性密码。使用 npm access 发布或更改包权限时需要它。

This is a one-time password from a two-factor authenticator. It's needed when publishing or changing package permissions with npm access.

如果未设置,并且注册表响应失败并询问一次性密码,npm 将在命令行上提示输入一次密码。

If not set, and a registry response fails with a challenge for a one-time password, npm will prompt on the command line for one.


npm 注册表的基本 URL。

The base URL of the npm registry.


See Also

npm 中文网 - 粤ICP备13048890号