> it's in npm's best interest to make it easy to publish leftpad.js easily
That's what I was getting at above. It definitely was in NPM's best interest to do so. Depending on your definition of "easily", is it still in their interest to have it quite that easy? Perhaps a different default is in order now, as you suggest. Or perhaps it should even require a confirmation dialog on the terminal for the first public push? People will still use NPM at this point. Not having enough packages or a package for a specific functionality is hardly a problem for them any more.
They could just change it to `npm publish npm|url name` with some useful warnings. The name should be checked against package.name.
Then libraries could simply add an npm script for publishing.
npm publish
To publish a package to
npm, you must enter:
npm publish npm <package-name>
To publish a package to
another registry, you
must enter:
npm publish <url> <package-name>
cool, so now the developer that did this will just thoughtlessly type npm publish npm instead.
At the end of the day, there's only so much you can do. Really, a hammer shouldn't have a prompt on it confirming each hit. If it does, users will just instinctively press it and then a few months down the road they'll hit their thumb.
That's what I was getting at above. It definitely was in NPM's best interest to do so. Depending on your definition of "easily", is it still in their interest to have it quite that easy? Perhaps a different default is in order now, as you suggest. Or perhaps it should even require a confirmation dialog on the terminal for the first public push? People will still use NPM at this point. Not having enough packages or a package for a specific functionality is hardly a problem for them any more.