Add --no-2fa flag

[pixelastic]

Hello,

This adds a --no-2fa CLI option (as discussed in #398) to bypass enabling 2FA on new packages.

The check is pretty trivial; if the 2Fa option is set to false, the task is skipped. Default value is true.

The weird capitalization is because that's how CLI options starting with a number are converted internally.

I wanted to add tests to the feature but could not find similar tests I could use as a basis to write my own. Happy to add tests in exchange with a few pointers on how to get started.

Fixes #398

[sindresorhus]

This should probably be a config too: https://github.com/sindresorhus/np#config

[dobromyslov]

Any plans to release new np with this feature?

[pixelastic]

I added 2Fa as a config option as well (documented in the README). I had to remove the meow default value for 2Fa, and instead set it to true in defaultFlags otherwise the CLI option would always overwrite the config option.

This actually made me realize that in the current implementation there is no way to force releaseDraft to false from config files as they always get overridden by CLI args. @sindresorhus Would you like me to fix this in this PR or open a new one?

[papb]

Thank you very much for this PR!! I hope it gets merged soon. I have been using your fork directly now as a workaround.

[chinesedfan]

@pixelastic I think #505 gives examples about testing. And personally, I hope #505 can be merged before this one.

[pixelastic]

@chinesedfan Thanks for the link to the test examples. I don't have much time to work on it right now, so I'd rather wait until #505 is reviewed and merged officially to use it as a basis for tests.

[sindresorhus]

#505 is now merged.

[sindresorhus]

Suggested change

	- `2Fa` - Enable 2FA on new packages (`true` by default)
	- `2fa` - Enable 2FA on new packages (`true` by default)

[pixelastic]

This will require some code change. The CLI code converts --no-2fa to { "2FA": false } (yes, including the capitalized F), which is in turn passed to the ui.js module as an option.

If you want the option to be named 2fa (without the capitalization), we'll have to normalize it at some point (ideally normalizing the CLI to 2fa instead of 2FA)

[sindresorhus]

Yes, let's do that. 2Fa is really strange. Ideally, meow would have some kind of transform option for flags, but it doesn't.

[sindresorhus]

Same with the other docs.

^ #515 (comment)

[papb]

How can I help this move forward?

[sindresorhus]

How can I help this move forward?

#515 (comment)

[G-Rath]

@sindresorhus how do you want me to commit this? I can fork & rebase this PR, and open another superseeding, or you could commit this directly to the PR if you've got edit permissions.

diff --git a/readme.md b/readme.md
index 8935e0a..ad66fc8 100644
--- a/readme.md
+++ b/readme.md
@@ -109,7 +109,7 @@ Currently, these are the flags you can configure:
 - `yarn` - Use yarn if possible (`true` by default).
 - `contents` - Subdirectory to publish (`.` by default).
 - `releaseDraft` - Open a GitHub release draft after releasing (`true` by default).
-- `2Fa` - Enable 2FA on new packages (`true` by default)
+- `2fa` - Enable 2FA on new packages (`true` by default)
 
 For example, this configures `np` to never use Yarn and to use `dist` as the subdirectory to publish:
 
diff --git a/source/cli.js b/source/cli.js
index 9c70c28..2235330 100755
--- a/source/cli.js
+++ b/source/cli.js
@@ -89,7 +89,7 @@ updateNotifier({pkg: cli.pkg}).notify();
 		publish: true,
 		releaseDraft: true,
 		yarn: hasYarn(),
-		'2Fa': true
+		'2fa': true
 	};
 
 	const localConfig = await config();
@@ -100,6 +100,10 @@ updateNotifier({pkg: cli.pkg}).notify();
 		...cli.flags
 	};
 
+	if ('2Fa' in flags) {
+		flags['2fa'] = flags['2Fa'];
+	}
+
 	const runPublish = flags.publish && !pkg.private;
 
 	const availability = flags.publish ? await isPackageNameAvailable(pkg) : {
diff --git a/source/index.js b/source/index.js
index 9ac6062..e70c998 100644
--- a/source/index.js
+++ b/source/index.js
@@ -215,7 +215,7 @@ module.exports = async (input = 'patch', options) => {
 		]);
 
 		const isExternalRegistry = npm.isExternalRegistry(pkg);
-		if (options['2Fa'] && options.availability.isAvailable && !options.availability.isUnknown && !pkg.private && !isExternalRegistry) {
+		if (options['2fa'] && options.availability.isAvailable && !options.availability.isUnknown && !pkg.private && !isExternalRegistry) {
 			tasks.add([
 				{
 					title: 'Enabling two-factor authentication',

[papb]

@G-Rath I am surprised that the fix is that simple. I thought a change in meow itself was necessary. Do those simple changes really work?

[G-Rath]

Yup, they really work, at least on my machine - you can try them out yourself by install this PR & then applying the patch:

npm i sindresorhus/np#pull/515/head

You can use patch-package to apply it locally, otherwise if you install it globally you'll have to track down where the package is installed on disk and apply the patch there.

---

I thought a change in meow itself was necessary

An ideal solution would be meow supporting custom transformers that would allow this to happen before it "left" meow, but that'd be a lot larger piece of work that might not ever happen, so this solution should suffice for np :)

[sindresorhus]

Anyone is free to take the changes, fix the remaining issues, and do a new PR.

[pixelastic]

Thanks @G-Rath for finishing what I started but never had the time to finish. Well done!