Added support for read-only tokens

Bytesafe now supports read-only tokens. For example, these can be used in CI/CD pipelines where you only require read access or similar use cases.

Create a read-only token

To generate a read-only token use the --read-only flag. You also need to be logged in to Bytesafe to generate a token.

npm token create --read-only

When asked for a password, just login to Bytesafe and copy the password, which is accessible for your registry.

Also, if you have not set your Bytesafe registry to be used by default using npm config set registry <YOUR BYTESAFE REGISTRY>, then you also need specify which registry you intend to use with the --registry flag:

npm token create --read-only --registry <YOUR BYTESAFE REGISTRY>

List and revoke tokens

By default npm token create generates a token with both read and write permissions. In a CI/CD environment it is recommended to use read-only tokens.

To list your current tokens you can use npm token list and to revoke you can use npm token revoke <TOKEN ID>.


If you have any questions or experience any issues, we would appreciate your feedback!