| Server IP : 88.222.222.236 / Your IP : 216.73.216.238 Web Server : LiteSpeed System : Linux id-dci-web1986.main-hosting.eu 5.14.0-611.26.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Jan 29 05:24:47 EST 2026 x86_64 User : u686484674 ( 686484674) PHP Version : 8.0.30 Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail MySQL : OFF | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /opt/alt/alt-nodejs20/root/lib/node_modules/npm/node_modules.bundled/libnpmaccess/ |
Upload File : |
# libnpmaccess
[](https://npm.im/libnpmaccess)
[](https://npm.im/libnpmaccess)
[](https://github.com/npm/cli/actions/workflows/ci-libnpmaccess.yml)
[`libnpmaccess`](https://github.com/npm/libnpmaccess) is a Node.js
library that provides programmatic access to the guts of the npm CLI's `npm
access` command. This includes managing account mfa settings, listing
packages and permissions, looking at package collaborators, and defining
package permissions for users, orgs, and teams.
## Example
```javascript
const access = require('libnpmaccess')
const opts = { '//registry.npmjs.org/:_authToken: 'npm_token }
// List all packages @zkat has access to on the npm registry.
console.log(Object.keys(await access.getPackages('zkat', opts)))
```
### API
#### `opts` for all `libnpmaccess` commands
`libnpmaccess` uses [`npm-registry-fetch`](https://npm.im/npm-registry-fetch).
All options are passed through directly to that library, so please refer
to [its own `opts`
documentation](https://www.npmjs.com/package/npm-registry-fetch#fetch-options)
for options that can be passed in.
#### `spec` parameter for all `libnpmaccess` commands
`spec` must be an [`npm-package-arg`](https://npm.im/npm-package-arg)-compatible
registry spec.
#### `access.getCollaborators(spec, opts) -> Promise<Object>`
Gets collaborators for a given package
#### `access.getPackages(user|scope|team, opts) -> Promise<Object>`
Gets all packages for a given user, scope, or team.
Teams should be in the format `scope:team` or `@scope:team`
Users and scopes can be in the format `@scope` or `scope`
#### `access.getVisibility(spec, opts) -> Promise<Object>`
Gets the visibility of a given package
#### `access.removePermissions(team, spec, opts) -> Promise<Boolean>`
Removes the access for a given team to a package.
Teams should be in the format `scope:team` or `@scope:team`
#### `access.setAccess(package, access, opts) -> Promise<Boolean>`
Sets access level for package described by `spec`.
The npm registry accepts the following `access` levels:
`public`: package is public
`private`: package is private
The npm registry also only allows scoped packages to have their access
level set.
#### access.setMfa(spec, level, opts) -> Promise<Boolean>`
Sets the publishing mfa requirements for a given package. Level must be one of the
following
`none`: mfa is not required to publish this package.
`publish`: mfa is required to publish this package, automation tokens
cannot be used to publish.
`automation`: mfa is required to publish this package, automation tokens
may also be used for publishing from continuous integration workflows.
#### access.setPermissions(team, spec, permssions, opts) -> Promise<Boolean>`
Sets permissions levels for a given team to a package.
Teams should be in the format `scope:team` or `@scope:team`
The npm registry accepts the following `permissions`:
`read-only`: Read only permissions
`read-write`: Read and write (aka publish) permissions