npm deprecate: Usage & Common Errors
Warn users away from a published version.
npm deprecate attaches a deprecation message to a published version or semver range, which npm prints when anyone installs it.
What it does
Sets a deprecation warning on the matching versions in the registry without unpublishing them - installs still work but emit the message. Passing an empty string ("") as the message clears the deprecation. You must be an authenticated owner.
Common usage
Terminal
npm deprecate my-pkg@"<2.0.0" "Upgrade to 2.x; 1.x is unsupported"
npm deprecate my-pkg@1.4.2 "Security issue, use 1.4.3"
npm deprecate my-pkg@1.4.2 "" # un-deprecateCommon error: deprecate requires auth/ownership
npm deprecate fails with a 403/E403 when the token is not an owner of the package or lacks permission. Use an automation token belonging to a maintainer (or the owning org) and confirm with npm owner ls before running it in a pipeline.
Terminal
npm owner ls my-pkg # confirm ownership firstRelated guides
npm owner: Usage, Options & Common Errorsnpm owner adds, removes, and lists the maintainers of a published package. Usage and the permission errors yo…
npm dist-tag: Usage, Options & Common Errorsnpm dist-tag adds, removes, and lists the named tags (latest, beta, next) that map to package versions. Usage…
npm "warn deprecated" Escalating to a Failed Build - Fix in CIFix cases where `npm warn deprecated` turns into an actual CI failure - a deprecated transitive package remov…