npm-token
选择命令行版本:
See Details
目录
概要
¥Synopsis
npm token listnpm token revoke <id|token>npm token create
注意:此命令对工作区无感知。
¥Note: This command is unaware of workspaces.
描述
¥Description
这使你可以列出、创建和撤销身份验证令牌。
¥This lets you list, create and revoke authentication tokens.
列出令牌
¥Listing tokens
列出令牌时,将显示缩写后的令牌。出于安全考虑,不会显示完整的令牌。
¥When listing tokens, an abbreviated token will be displayed. For security purposes the full token is not displayed.
生成令牌
¥Generating tokens
生成令牌时,系统会提示你输�入密码;如果你启用了双重身份验证,则还会提示你输入一次性密码 (OTP)。
¥When generating tokens, you will be prompted you for your password and, if you have two-factor authentication enabled, an otp.
有关生成 CI/CD 令牌的更多信息,请参阅 文档网站。
¥Please refer to the docs website for more information on generating tokens for CI/CD.
撤销令牌
¥Revoking tokens
撤销令牌时,你可以使用完整的令牌(例如,从 npm token create 返回的令牌,或 .npmrc 文件中找到的令牌),也可以使用截断的 ID。如果提供的截断 ID 不足以区分多个现有令牌,则需要使用足够长的 ID 以便 npm 能够区分它们。完整的令牌 ID 可在 npm 网站 中找到,或在 npm token list 的 --parseable 或 --json 输出中找到。此命令不接受在正常 npm token list 输出中找到的截断令牌。
¥When revoking a token, you can use the full token (e.g. what you get back from npm token create, or as can be found in an .npmrc file), or a truncated id. If the given truncated id is not distinct enough to differentiate between multiple existing tokens, you will need to use enough of the id to allow npm to distinguish between them. Full token ids can be found on the npm website, or in the --parseable or --json output of npm token list. This command will NOT accept the truncated token found in the normal npm token list output.
被吊销的令牌将立即从注册表中删除,你将无法再使用它。
¥A revoked token will immediately be removed from the registry and you will no longer be able to use it.
配置
¥Configuration
name
-
默认值:null
¥Default: null
-
类型:空值或字符串
¥Type: null or String
使用 npm token create 创建细粒度访问令牌时,此设置用于指定令牌的名称/描述。
¥When creating a Granular Access Token with npm token create, this sets the name/description for the token.
token-description
-
默认值:null
¥Default: null
-
类型:空值或字符串
¥Type: null or String
使用 npm token create 时令牌的描述文本。
¥Description text for the token when using npm token create.
expires
-
默认值:null
¥Default: null
-
类型:空值或数字
¥Type: null or Number
使用 npm token create 创建细粒度访问令牌时,此项可设置令牌的过期时间(以天为单位)。如果未指定,服务器将确定默认过期时间。
¥When creating a Granular Access Token with npm token create, this sets the expiration in days. If not specified, the server will determine the default expiration.
packages
-
默认值:
¥Default:
-
类型:null 或 String(可设置多次)
¥Type: null or String (can be set multiple times)
使用 npm token create 创建细粒度访问令牌时,此项可将令牌访问权限限制在特定软件包。
¥When creating a Granular Access Token with npm token create, this limits the token access to specific packages.
packages-all
-
默认值:false
¥Default: false
-
类型:布尔值
¥Type: Boolean
使用 npm token create 创建细粒度访问令牌时,将授予令牌对所有包的访问权限,而不是限制为特定包。
¥When creating a Granular Access Token with npm token create, grants the token access to all packages instead of limiting to specific packages.
scopes
-
默认值:null
¥Default: null
-
类型:null 或 String(可设置多次)
¥Type: null or String (can be set multiple times)
使用 npm token create 创建细粒度访问令牌时,此项可将令牌访问权限限制在特定范围。提供作用域名称(带或不带 @ 前缀)。
¥When creating a Granular Access Token with npm token create, this limits the token access to specific scopes. Provide a scope name (with or without @ prefix).
orgs
-
默认值:null
¥Default: null
-
类型:null 或 String(可设置多次)
¥Type: null or String (can be set multiple times)
使用 npm token create 创建细粒度访问令牌时,此项可将令牌访问权限限制在特定组织。
¥When creating a Granular Access Token with npm token create, this limits the token access to specific organizations.
packages-and-scopes-permission
-
默认值:null
¥Default: null
-
类型:null、"read-only"、"read-write" 或 "no-access"
¥Type: null, "read-only", "read-write", or "no-access"
使用 npm token create 创建细粒度访问令牌时,设置包和作用域的权限级别。选项包括 "read-only"、"read-write" 或 "no-access"。
¥When creating a Granular Access Token with npm token create, sets the permission level for packages and scopes. Options are "read-only", "read-write", or "no-access".
orgs-permission
-
默认值:null
¥Default: null
-
类型:null、"read-only"、"read-write" 或 "no-access"
¥Type: null, "read-only", "read-write", or "no-access"
使用 npm token create 创建细粒度访问令牌时,设置组织的权限级别。选项包括 "read-only"、"read-write" 或 "no-access"。
¥When creating a Granular Access Token with npm token create, sets the permission level for organizations. Options are "read-only", "read-write", or "no-access".
cidr
-
默认值:null
¥Default: null
-
类型:null 或 String(可设置多次)
¥Type: null or String (can be set multiple times)
这是使用 npm token create 命令配置受限访问令牌时要使用的 CIDR 地址列表。
¥This is a list of CIDR address to be used when configuring limited access tokens with the npm token create command.
bypass-2fa
-
默认值:false
¥Default: false
-
类型:布尔值
¥Type: Boolean
使用 npm token create 创建细粒度访问令牌时,将此项设置为 true 将允许令牌绕过双重身份验证。这对于自动化和 CI/CD 工作流非常有用。
¥When creating a Granular Access Token with npm token create, setting this to true will allow the token to bypass two-factor authentication. This is useful for automation and CI/CD workflows.
password
-
默认值:null
¥Default: null
-
类型:空值或字符串
¥Type: null or String
用于身份验证的密码。虽然可以在创建令牌时通过命令行提供此配置,但通常情况下,系统提示输入此配置更安全。
¥Password for authentication. Can be provided via command line when creating tokens, though it's generally safer to be prompted for it.
registry
-
默认值:"https://registry.npmjs.org/"
¥Default: "https://registry.npmjs.org/"
-
类型:URL
¥Type: URL
npm 注册表的基本 URL。
¥The base URL of the npm registry.
otp
-
默认值:null
¥Default: null
-
类型:空值或字符串
¥Type: null or String
这是来自双重身份验证器的一次性密码。使用 npm access 发布或更改包权限时需要它。
¥This is a one-time password from a two-factor authenticator. It's needed when publishing or changing package permissions with npm access.
如果未设置,并且注册表响应失败并询问一次性密�码,npm 将在命令行上提示输入一次密码。
¥If not set, and a registry response fails with a challenge for a one-time password, npm will prompt on the command line for one.
read-only
-
默认值:false
¥Default: false
-
类型:布尔值
¥Type: Boolean
这用于在使用 npm token create 命令配置受限访问令牌时将令牌标记为无法发布。
¥This is used to mark a token as unable to publish when configuring limited access tokens with the npm token create command.
也可以看看
¥See Also