Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

.idea in your npm published package #2781

Closed
rom1504 opened this issue Jan 20, 2016 · 3 comments
Closed

.idea in your npm published package #2781

rom1504 opened this issue Jan 20, 2016 · 3 comments

Comments

@rom1504
Copy link

rom1504 commented Jan 20, 2016

I've recently noticed that git globally ignored filed are included in a npm package when publishing it and as a result some files are published by accident. See npm/npm#5673 (and I'm working on https://github.com/rom1504/npm-safeguard)

The last version published of this package contain files in a .idea/. It doesn't seem like they contain actually private information in this case, but publishing these files by accident can lead to publishing passwords or any other private information (that would be put in webstorm run configurations for example)
@mrmlnc
Copy link

mrmlnc commented Jan 20, 2016

Yeap! Also need to remove all the excess files:

  • .idea (~32KB)
  • dot and CI files: .jscsrc, appveyor and etc
  • test directory (~600KB) (The average user does not need tests in the package. They need developers.)
  • Gruntfile.js
  • bower (Why need it in npm package?)

This can reduce the package to ~700KB.

@seven-phases-max
Copy link
Member

See #2617.

@seven-phases-max
Copy link
Member

Merging to #2617.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rom1504 @seven-phases-max @mrmlnc and others