Skip to content

Commit 72e6d63

Browse files
feat: add publish endpoint (#40)
Co-authored-by: Michael Smith <owlstronaut@github.com>
1 parent 491f459 commit 72e6d63

File tree

3 files changed

+151
-0
lines changed

3 files changed

+151
-0
lines changed

api/base.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -92,6 +92,7 @@ x-tagGroups:
9292
- Audit
9393
- OIDC
9494
- Org
95+
- Publish
9596
- Search
9697
- Team
9798
- Tokens

api/merge-config.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ inputs:
44
- inputFile: registry.npmjs.com/audit.yaml
55
- inputFile: registry.npmjs.com/oidc.yaml
66
- inputFile: registry.npmjs.com/org.yaml
7+
- inputFile: registry.npmjs.com/publish.yaml
78
- inputFile: registry.npmjs.com/search.yaml
89
- inputFile: registry.npmjs.com/team.yaml
910
- inputFile: registry.npmjs.com/token.yaml
Lines changed: 149 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,149 @@
1+
components:
2+
responses:
3+
PublishSuccess:
4+
description: Successful Publish
5+
content:
6+
application/json:
7+
schema:
8+
type: object
9+
properties:
10+
success:
11+
type: boolean
12+
enum:
13+
- true
14+
paths:
15+
/{escapedPackageName}:
16+
parameters:
17+
- $ref: './api/shared-components.yaml#/components/parameters/EscapedPackageName'
18+
- $ref: './api/shared-components.yaml#/components/parameters/RequiredBearerToken'
19+
put:
20+
tags:
21+
- Publish
22+
summary: Publish a new version of a package
23+
operationId: publish
24+
requestBody:
25+
required: true
26+
content:
27+
application/json:
28+
schema:
29+
type: object
30+
properties:
31+
_id:
32+
type: string
33+
example: 'npm@2.0.0'
34+
description: The name and version of the package being published
35+
name:
36+
type: string
37+
example: npm
38+
description: The name of the package being published
39+
description:
40+
type: string
41+
example: a package manager for JavaScript
42+
description: The description of the package being published
43+
'dist-tags':
44+
type: object
45+
description: dist-tag to apply for this new version
46+
additionalProperties:
47+
type: string
48+
format: semver
49+
description: version for this tag, must be the version being uploaded
50+
example:
51+
latest: 2.0.0
52+
dist:
53+
type: object
54+
properties:
55+
integrity:
56+
type: string
57+
format: sha512
58+
description: sha512 integrity string for this version's tarball
59+
example: 'sha512-0p99G5Mu9FC3ixLarvgfU0O8xoc386LBll2UixE8rbSJrKRFoXbJFbGSOBN9exJiFXryiLDFFhCKjOOBxQ/dsQ=='
60+
shasum:
61+
type: string
62+
format: sha1
63+
description: sha1 hex digest for this version's tarball
64+
example: f783874393588901af1a4824a145fa009f174d9d
65+
tarball:
66+
type: string
67+
format: url
68+
description: url for the tarball will live. This is overwritten by the registry.
69+
example: https://registry.npmjs.org/npm/-/npm-2.0.0.tgz
70+
versions:
71+
description: 'manifest (package.json) of the package to be published, indexed by the version being published'
72+
additionalProperties:
73+
type: object
74+
properties:
75+
name:
76+
type: string
77+
description: package name
78+
version:
79+
type: string
80+
format: semver
81+
description: version of the package being published
82+
additionalProperties:
83+
oneOf:
84+
- type: string
85+
- type: object
86+
- type: array
87+
description: other package.json content
88+
example:
89+
'2.0.0':
90+
name: npm
91+
version: 2.0.0
92+
description: A package manager for node
93+
access:
94+
type: string
95+
example: public
96+
enum:
97+
- public
98+
- restricted
99+
description: Access level for this package. Whether it is public or not.
100+
_attachments:
101+
type: object
102+
description: Tarball and provenance attestation attachments
103+
additionalProperties:
104+
anyOf:
105+
- type: object
106+
properties:
107+
content_type:
108+
type: string
109+
description: tarball content type
110+
enum:
111+
- 'application/octet-stream'
112+
data:
113+
type: string
114+
format: base64
115+
description: base64 content of the tarball for this version
116+
length:
117+
type: integer
118+
description: length of the tarball data string
119+
- type: object
120+
properties:
121+
content_type:
122+
type: string
123+
description: sigstore content type
124+
data:
125+
type: string
126+
format: base64
127+
description: base64 content of the provenance attestation for this version
128+
length:
129+
type: integer
130+
description: length of the provenance data string
131+
example:
132+
'npm-2.0.0.tgz':
133+
content_type: 'application/octet-stream'
134+
data: ZXhhbXBsZQo=
135+
length: 13
136+
'npm-2.0.0.sigstore':
137+
content_type: 'application/vnd.dev.sigstore.bundle+json;version=0.2'
138+
data: ZXhhbXBsZQo=
139+
length: 13
140+
security:
141+
- npmAccessToken: []
142+
- npmSessionToken: []
143+
- granularAccessToken: []
144+
- oidcIdToken: []
145+
responses:
146+
'200':
147+
$ref: '#/components/responses/PublishSuccess'
148+
'401':
149+
$ref: './api/shared-components.yaml#/components/responses/Unauthorized'

0 commit comments

Comments
 (0)