CLI documentation update from CI

Author: npm-cli-bot

cli-cache.json

@@ -2,5 +2,5 @@
   "v8": "aa8fff11cdab94fff1a2160ee5241f5f4632e96b",
   "v9": "64763a341e7aa5b456e696f956759bf9b3440dc1",
   "v10": "6755ca2d5301b079f9e2581fc72ba2a612171364",
-  "v11": "3439a89d58a25deac08650da53157595e8b8edfb"
+  "v11": "52714855e62a196fb853872f5106803605ab0ec4"
 }

content/cli/v11/commands/npm-ls.mdx

@@ -52,7 +52,7 @@ Note: to get a "bottoms up" view of why a given package is included in the tree
 Positional arguments are `name@version-range` identifiers, which will limit the results to only the paths to the packages named. Note that nested packages will _also_ show the paths to the specified packages. For example, running `npm ls promzard` in npm's source tree will show:
 
 ```bash
-npm@11.6.2 /path/to/npm
+npm@11.6.4 /path/to/npm
 └─┬ init-package-json@0.0.4
   └── promzard@0.1.5
 ```

content/cli/v11/commands/npm-publish.mdx

@@ -45,6 +45,32 @@ npm publish <package-spec>
 
 Publishes a package to the registry so that it can be installed by name.
 
+### Examples
+
+Publish the package in the current directory:
+
+```bash
+npm publish
+```
+
+Publish a specific workspace:
+
+```bash
+npm publish --workspace=<workspace-name>
+```
+
+Publish multiple workspaces:
+
+```bash
+npm publish --workspace=workspace-a --workspace=workspace-b
+```
+
+Publish all workspaces:
+
+```bash
+npm publish --workspaces
+```
+
 By default npm will publish to the public registry. This can be overridden by specifying a different default registry or using a [`scope`](/cli/v11/using-npm/scope) in the name, combined with a scope-configured registry (see [`package.json`](/cli/v11/configuring-npm/package-json)).
 
 A `package` is interpreted the same way as other commands (like `npm install`) and can be:

content/cli/v11/commands/npm-token.mdx

@@ -40,7 +40,7 @@ redirect_from:
 ```bash
 npm token list
 npm token revoke <id|token>
-npm token create [--read-only] [--cidr=list]
+npm token create --name=<name> [--token-description=<desc>] [--packages=<pkg1,pkg2>] [--packages-all] [--scopes=<scope1,scope2>] [--orgs=<org1,org2>] [--packages-and-scopes-permission=<read-only|read-write|no-access>] [--orgs-permission=<read-only|read-write|no-access>] [--expires=<days>] [--cidr=<ip-range>] [--bypass-2fa] [--password=<pass>]
 ```
 
 Note: This command is unaware of workspaces.
@@ -73,12 +73,68 @@ Created publish token a73c9572-f1b9-8983-983d-ba3ac3cc913d
 
 ### Configuration
 
-#### `read-only`
+#### `name`
+
+- Default: null
+- Type: null or String
+
+When creating a Granular Access Token with `npm token create`, this sets the name/description for the token.
+
+#### `token-description`
+
+- Default: null
+- Type: null or String
+
+Description text for the token when using `npm token create`.
+
+#### `expires`
+
+- Default: null
+- Type: null or Number
+
+When creating a Granular Access Token with `npm token create`, this sets the expiration in days. If not specified, the server will determine the default expiration.
+
+#### `packages`
+
+- Default:
+- Type: null or String (can be set multiple times)
+
+When creating a Granular Access Token with `npm token create`, this limits the token access to specific packages. Provide a comma-separated list of package names.
+
+#### `packages-all`
 
 - Default: false
 - Type: Boolean
 
-This is used to mark a token as unable to publish when configuring limited access tokens with the `npm token create` command.
+When creating a Granular Access Token with `npm token create`, grants the token access to all packages instead of limiting to specific packages.
+
+#### `scopes`
+
+- Default: null
+- Type: null or String (can be set multiple times)
+
+When creating a Granular Access Token with `npm token create`, this limits the token access to specific scopes. Provide a comma-separated list of scope names (with or without @ prefix).
+
+#### `orgs`
+
+- Default: null
+- Type: null or String (can be set multiple times)
+
+When creating a Granular Access Token with `npm token create`, this limits the token access to specific organizations. Provide a comma-separated list of organization names.
+
+#### `packages-and-scopes-permission`
+
+- Default: null
+- Type: null, "read-only", "read-write", or "no-access"
+
+When creating a Granular Access Token with `npm token create`, sets the permission level for packages and scopes. Options are "read-only", "read-write", or "no-access".
+
+#### `orgs-permission`
+
+- Default: null
+- Type: null, "read-only", "read-write", or "no-access"
+
+When creating a Granular Access Token with `npm token create`, sets the permission level for organizations. Options are "read-only", "read-write", or "no-access".
 
 #### `cidr`
 
@@ -87,6 +143,20 @@ This is used to mark a token as unable to publish when configuring limited acces
 
 This is a list of CIDR address to be used when configuring limited access tokens with the `npm token create` command.
 
+#### `bypass-2fa`
+
+- Default: false
+- Type: Boolean
+
+When creating a Granular Access Token with `npm token create`, setting this to true will allow the token to bypass two-factor authentication. This is useful for automation and CI/CD workflows.
+
+#### `password`
+
+- Default: null
+- Type: null or String
+
+Password for authentication. Can be provided via command line when creating tokens, though it's generally safer to be prompted for it.
+
 #### `registry`
 
 - Default: "https://registry.npmjs.org/"
@@ -103,6 +173,13 @@ This is a one-time password from a two-factor authenticator. It's needed when pu
 
 If not set, and a registry response fails with a challenge for a one-time password, npm will prompt on the command line for one.
 
+#### `read-only`
+
+- Default: false
+- Type: Boolean
+
+This is used to mark a token as unable to publish when configuring limited access tokens with the `npm token create` command.
+
 ### See Also
 
 - [npm adduser](/cli/v11/commands/npm-adduser)

content/cli/v11/commands/npm-version.mdx

@@ -93,6 +93,17 @@ If set to true, then the `npm version` command will tag the version using `-s` t
 
 Note that git requires you to have set up GPG keys in your git configs for this to work properly.
 
+#### `save`
+
+- Default: `true` unless when using `npm update` where it defaults to `false`
+- Type: Boolean
+
+Save installed packages to a `package.json` file as dependencies.
+
+When used with the `npm rm` command, removes the dependency from `package.json`.
+
+Will also prevent writing to `package-lock.json` if set to `false`.
+
 #### `workspace`
 
 - Default:
@@ -141,6 +152,15 @@ When false, specifying individual workspaces via the `workspace` config, or all
 
 This value is not exported to the environment for child processes.
 
+#### `ignore-scripts`
+
+- Default: false
+- Type: Boolean
+
+If true, npm does not run scripts specified in package.json files.
+
+Note that commands explicitly intended to run a particular script, such as `npm start`, `npm stop`, `npm restart`, `npm test`, and `npm run` will still run their intended script if `ignore-scripts` is set, but they will _not_ run any pre- or post-scripts.
+
 ### Description
 
 Run this in a package directory to bump the version and write the new data back to `package.json`, `package-lock.json`, and, if present, `npm-shrinkwrap.json`.

content/cli/v11/commands/npm.mdx

@@ -31,7 +31,7 @@ Note: This command is unaware of workspaces.
 
 ### Version
 
-11.6.2
+11.6.4
 
 ### Description
 
@@ -70,7 +70,7 @@ See [`folders`](/cli/v11/configuring-npm/folders) to learn about where npm puts
 In particular, npm has two modes of operation:
 
 - local mode: npm installs packages into the current project directory, which defaults to the current working directory. Packages install to `./node_modules`, and bins to `./node_modules/.bin`.
-- global mode: npm installs packages into the install prefix at `$npm_config_prefix/lib/node_modules` and bins to `$npm_config_prefix/bin`.
+- global mode: npm installs packages into the install prefix at `$NPM_CONFIG_PREFIX/lib/node_modules` and bins to `$NPM_CONFIG_PREFIX/bin`.
 
 Local mode is the default. Use `-g` or `--global` on any command to run in global mode instead.
 
@@ -89,7 +89,7 @@ If you're using npm to develop and publish your code, check out the following he
 npm is extremely configurable. It reads its configuration options from 5 places.
 
 - Command line switches: Set a config with `--key val`. All keys take a value, even if they are booleans (the config parser doesn't know what the options are at the time of parsing). If you do not provide a value (`--key`) then the option is set to boolean `true`.
-- Environment Variables: Set any config by prefixing the name in an environment variable with `npm_config_`. For example, `export npm_config_key=val`.
+- Environment Variables: Set any config by prefixing the name in an environment variable with `NPM_CONFIG_`. For example, `export NPM_CONFIG_KEY=val`.
 - User Configs: The file at `$HOME/.npmrc` is an ini-formatted list of configs. If present, it is parsed. If the `userconfig` option is set in the cli or env, that file will be used instead.
 - Global Configs: The file found at `./etc/npmrc` (relative to the global prefix will be parsed if it is found. See [`npm prefix`](/cli/v11/commands/npm-prefix) for more info on the global prefix. If the `globalconfig` option is set in the cli, env, or user config, then that file is parsed instead.
 - Defaults: npm's default configuration options are defined in `lib/utils/config/definitions.js`. These must not be changed.

content/cli/v11/configuring-npm/package-json.mdx

@@ -69,6 +69,16 @@ Put a description in it. It's a string. This helps people discover your package,
 
 Put keywords in it. It's an array of strings. This helps people discover your package as it's listed in `npm search`.
 
+Example:
+
+```json
+"keywords": [
+  "node",
+  "javascript",
+  "npm"
+]
+```
+
 ### homepage
 
 The URL to the project homepage.

content/cli/v11/configuring-npm/package-lock-json.mdx

@@ -122,6 +122,12 @@ Package descriptors have the following fields:
 
 - bin, license, engines, dependencies, optionalDependencies: fields from `package.json`
 
+- os: An array of operating systems this package is compatible with, as specified in `package.json`. This field is included when the package specifies OS restrictions.
+
+- cpu: An array of CPU architectures this package is compatible with, as specified in `package.json`. This field is included when the package specifies CPU restrictions.
+
+- funding: Funding information for the package, as specified in `package.json`. This field contains details about how to support the package maintainers.
+
 #### dependencies
 
 Legacy data for supporting versions of npm that use `lockfileVersion: 1`. This is a mapping of package names to dependency objects. Because the object structure is strictly hierarchical, symbolic link dependencies are somewhat challenging to represent in some cases.