npm cannot publish over previously published version

Asked 19/4, 2019 at 23:54 Answered 17/9, 2023 at 13:8

npm is causing me grief and I have no idea why. Trying to publish a new version of my package.

npm view {{package}} versions

[ '0.3.0',
  '0.3.1',
  '0.4.0',
  '0.4.2',
  '0.5.0',
  '0.6.0',
  '0.6.1',
  '0.7.0',
  '0.7.1',
  '0.8.0',
  '0.8.1',
  '0.8.2',
  '0.8.3',
  '0.8.4',
  '0.8.5' ]

When I run npm publish I get this:

400 Bad Request - PUT https://registry.npmjs.org/{{package}} - Cannot publish over previously published version "1.0.0".

This is my current package.json:

...
"version": "1.0.0",
...

What gives?

EDIT:

Further, even when I try to patch the version and publish a 1.0.1 or a 1.0.2 I get the same message....good grief...

Subsidence answered 19/4, 2019 at 23:54 Comment(0)

So when I was first creating my package a few months ago, I had originally published a 1.0, decided I didn't like it and unpublished it from the registry. I had forgotten I had done this and, due to NPM's policies, which I support, they don't allow you to republish a version of a package that had previously been published. Had to version bump to 1.0.3 in order to get it to work. Might help somebody else out.

The npm view command (with the --json flag) can give you some insight into what's happened. It'll output something like this close to the top

  "time": {
    "created": "2020-06-09T19:57:19.446Z",
    "1.0.0": "2020-06-09T19:57:19.720Z",
    "modified": "2020-08-23T21:31:17.255Z",
    "1.0.1": "2020-06-09T23:32:53.322Z",
    "2.0.0": "2020-06-10T12:49:09.722Z",
    "2.0.1": "2020-06-10T13:17:40.021Z",
    "2.0.2": "2020-06-10T19:37:09.994Z",
    "2.0.3": "2020-06-11T00:24:46.982Z",
    "2.0.4": "2020-08-20T21:18:46.305Z",
    "2.0.5": "2020-08-20T21:20:42.971Z",
    "2.0.6": "2020-08-20T21:35:22.181Z",
    "2.0.7": "2020-08-20T22:30:24.183Z",
    "2.0.8": "2020-08-20T22:42:05.255Z",
    "2.0.9": "2020-08-23T21:31:15.021Z"
  },

Subsidence answered 20/4, 2019 at 2:10 Comment(1)

The policy makes a lot of sense if you think about it, otherwise anybody could republish a package version with a malware in it (imagine a big framework with a dependency on some third party package at a fixed version, if the third party wanted to take advantage he could just republish on that version) – Launceston 20/3, 2021 at 17:49

You cannot publish a package at the version it was unpublished before. You can read more about npm's policy here. https://www.npmjs.com/policies/unpublish

Futile answered 2/4, 2020 at 10:6 Comment(0)

I have encountered a similar problem. Your package may have an unpublished "hidden" version >= 1.0.0. You might as well use npm view <package-name> time to take a look.

The reason is currently unclear. related link: You cannot publish over previously published.. but this version has never been published #5058

Oisin answered 17/9, 2023 at 13:8 Comment(0)

you need to change the version from 1.0.0 to 1.0.1

Ectoparasite answered 3/3, 2023 at 11:58 Comment(0)

Recommended topics

Hot tags