Developers

Publishing Packages

How to build, verify, and publish @secr/* packages to the public npm registry in the correct dependency order.

Package Overview

Package	Description	Entry point
@secr/shared	Types, Zod schemas, constants	dist/index.js
@secr/sdk	Programmatic API client	dist/index.js
@secr/cli	CLI tool (secr binary)	dist/index.js
@secr/vercel	Vercel build integration (secr-vercel binary)	dist/index.js
@secr/netlify-plugin	Netlify Build Plugin	dist/index.js

All packages use "files": ["dist"] in package.json to ensure only compiled output is published.

Pre-publish Checklist

Bump the version in package.json if needed
Build the package to ensure dist/ is up to date
Dry-run to verify the package contents look correct
Publish to the npm registry

General workflow

npm run build
npm pack --dry-run    # verify only dist/ files are listed
npm publish --access public

Publishing @secr/shared

@secr/shared must be published first since other packages depend on it.

packages/shared

cd packages/shared

# Build TypeScript
npm run build

# Preview what will be in the package
npm pack --dry-run
# You should see only dist/ files (.js and .d.ts)

# Publish (requires npm login)
npm publish --access public

Publishing @secr/sdk

@secr/sdk depends on @secr/shared, so publish shared first.

packages/sdk

cd packages/sdk

npm run build
npm pack --dry-run
npm publish --access public

Publishing @secr/cli

The CLI declares "bin": { "secr": "./dist/index.js" }, so after install the secr command is available globally.

apps/cli

cd apps/cli

npm run build
npm pack --dry-run
npm publish --access public

Publishing @secr/vercel

The Vercel integration declares "bin": { "secr-vercel": "./dist/index.js" }, so users run it with npx @secr/vercel.

integrations/vercel

cd integrations/vercel

npm run build
npm pack --dry-run
npm publish --access public

Publishing @secr/netlify-plugin

The Netlify plugin includes manifest.yml in the published package alongside dist/.

integrations/netlify

cd integrations/netlify

npm run build
npm pack --dry-run
npm publish --access public

Installing from npm

Once published, users install the CLI globally and authenticate:

Install and use

npm install -g @secr/cli

secr login
secr link --org my-org --project my-api --env development
secr pull

For programmatic usage, install the SDK as a project dependency:

npm install @secr/sdk

Publish Order

Dependencies flow upstream to downstream. When publishing multiple packages, follow this order:

Dependency flow

@secr/shared          # 1. No secr dependencies
    |
@secr/sdk             # 2. Depends on shared
    |
    +-- @secr/cli             # 3. Depends on sdk + shared
    +-- @secr/vercel          # 3. Depends on sdk
    +-- @secr/netlify-plugin  # 3. Depends on sdk

@secr/shared — no secr dependencies
@secr/sdk — depends on shared
@secr/cli, @secr/vercel, @secr/netlify-plugin — depend on sdk or shared

Version Management

All inter-package dependencies use exact versions (e.g. "0.1.0")
Keep versions in sync — if you make a breaking change to @secr/shared, bump the version and update all dependents
Publish upstream packages before downstream packages

What's Included / Excluded

Included in the npm package

dist/ — compiled JavaScript + TypeScript declarations

Excluded via .npmignore

Path	Reason
src/	TypeScript source files
tsconfig.json	TypeScript config
vitest.config.ts	Test config
__tests__/	Test directory
*.test.ts	Test files

Ready to publish?

npm run build && npm publish --access public

SDK Reference Back to Docs