|
| 1 | +components: |
| 2 | + responses: |
| 3 | + PublishSuccess: |
| 4 | + description: Successful Publish |
| 5 | + content: |
| 6 | + application/json: |
| 7 | + schema: |
| 8 | + type: object |
| 9 | + properties: |
| 10 | + success: |
| 11 | + type: boolean |
| 12 | + enum: |
| 13 | + - true |
| 14 | +paths: |
| 15 | + /{escapedPackageName}: |
| 16 | + parameters: |
| 17 | + - $ref: './api/shared-components.yaml#/components/parameters/EscapedPackageName' |
| 18 | + - $ref: './api/shared-components.yaml#/components/parameters/RequiredBearerToken' |
| 19 | + put: |
| 20 | + tags: |
| 21 | + - Publish |
| 22 | + summary: Publish a new version of a package |
| 23 | + operationId: publish |
| 24 | + requestBody: |
| 25 | + required: true |
| 26 | + content: |
| 27 | + application/json: |
| 28 | + schema: |
| 29 | + type: object |
| 30 | + properties: |
| 31 | + _id: |
| 32 | + type: string |
| 33 | + example: 'npm@2.0.0' |
| 34 | + description: The name and version of the package being published |
| 35 | + name: |
| 36 | + type: string |
| 37 | + example: npm |
| 38 | + description: The name of the package being published |
| 39 | + description: |
| 40 | + type: string |
| 41 | + example: a package manager for JavaScript |
| 42 | + description: The description of the package being published |
| 43 | + 'dist-tags': |
| 44 | + type: object |
| 45 | + description: dist-tag to apply for this new version |
| 46 | + additionalProperties: |
| 47 | + type: string |
| 48 | + format: semver |
| 49 | + description: version for this tag, must be the version being uploaded |
| 50 | + example: |
| 51 | + latest: 2.0.0 |
| 52 | + dist: |
| 53 | + type: object |
| 54 | + properties: |
| 55 | + integrity: |
| 56 | + type: string |
| 57 | + format: sha512 |
| 58 | + description: sha512 integrity string for this version's tarball |
| 59 | + example: 'sha512-0p99G5Mu9FC3ixLarvgfU0O8xoc386LBll2UixE8rbSJrKRFoXbJFbGSOBN9exJiFXryiLDFFhCKjOOBxQ/dsQ==' |
| 60 | + shasum: |
| 61 | + type: string |
| 62 | + format: sha1 |
| 63 | + description: sha1 hex digest for this version's tarball |
| 64 | + example: f783874393588901af1a4824a145fa009f174d9d |
| 65 | + tarball: |
| 66 | + type: string |
| 67 | + format: url |
| 68 | + description: url for the tarball will live. This is overwritten by the registry. |
| 69 | + example: https://registry.npmjs.org/npm/-/npm-2.0.0.tgz |
| 70 | + versions: |
| 71 | + description: 'manifest (package.json) of the package to be published, indexed by the version being published' |
| 72 | + additionalProperties: |
| 73 | + type: object |
| 74 | + properties: |
| 75 | + name: |
| 76 | + type: string |
| 77 | + description: package name |
| 78 | + version: |
| 79 | + type: string |
| 80 | + format: semver |
| 81 | + description: version of the package being published |
| 82 | + additionalProperties: |
| 83 | + oneOf: |
| 84 | + - type: string |
| 85 | + - type: object |
| 86 | + - type: array |
| 87 | + description: other package.json content |
| 88 | + example: |
| 89 | + '2.0.0': |
| 90 | + name: npm |
| 91 | + version: 2.0.0 |
| 92 | + description: A package manager for node |
| 93 | + access: |
| 94 | + type: string |
| 95 | + example: public |
| 96 | + enum: |
| 97 | + - public |
| 98 | + - restricted |
| 99 | + description: Access level for this package. Whether it is public or not. |
| 100 | + _attachments: |
| 101 | + type: object |
| 102 | + description: Tarball and provenance attestation attachments |
| 103 | + additionalProperties: |
| 104 | + anyOf: |
| 105 | + - type: object |
| 106 | + properties: |
| 107 | + content_type: |
| 108 | + type: string |
| 109 | + description: tarball content type |
| 110 | + enum: |
| 111 | + - 'application/octet-stream' |
| 112 | + data: |
| 113 | + type: string |
| 114 | + format: base64 |
| 115 | + description: base64 content of the tarball for this version |
| 116 | + length: |
| 117 | + type: integer |
| 118 | + description: length of the tarball data string |
| 119 | + - type: object |
| 120 | + properties: |
| 121 | + content_type: |
| 122 | + type: string |
| 123 | + description: sigstore content type |
| 124 | + data: |
| 125 | + type: string |
| 126 | + format: base64 |
| 127 | + description: base64 content of the provenance attestation for this version |
| 128 | + length: |
| 129 | + type: integer |
| 130 | + description: length of the provenance data string |
| 131 | + example: |
| 132 | + 'npm-2.0.0.tgz': |
| 133 | + content_type: 'application/octet-stream' |
| 134 | + data: ZXhhbXBsZQo= |
| 135 | + length: 13 |
| 136 | + 'npm-2.0.0.sigstore': |
| 137 | + content_type: 'application/vnd.dev.sigstore.bundle+json;version=0.2' |
| 138 | + data: ZXhhbXBsZQo= |
| 139 | + length: 13 |
| 140 | + security: |
| 141 | + - npmAccessToken: [] |
| 142 | + - npmSessionToken: [] |
| 143 | + - granularAccessToken: [] |
| 144 | + - oidcIdToken: [] |
| 145 | + responses: |
| 146 | + '200': |
| 147 | + $ref: '#/components/responses/PublishSuccess' |
| 148 | + '401': |
| 149 | + $ref: './api/shared-components.yaml#/components/responses/Unauthorized' |
0 commit comments