npm publish gives "unscoped packages cannot be private"

It appears that (as of November 2018), you have to do:

npm publish --access public

This tells the npm registry that you want your package to be downloadable by everyone. This used to be the default, and from the documentation still should be, so probably this is just a bug in npm. There is some more, not very well written documentation about scoped/unscoped and public/private packages.

Instead of using --access, you can also add the setting to your package.json, as seen in @smnbbrv's answer below. But if I'm right an this is just a bug, you may want to just use --access as a temporary workaround.


With all the credits to @mb21 and his solution there is a small addition to his answer.

The proposed

npm publish --access public

works perfectly. However it is not always possible to make it work within the CI environment, e.g. when you use semantic-release. The proper solution there would be using the very same access parameter but inside your package.jsons publishConfig (btw this also makes it easier to publish manually in the future):

{
  "name": "...",
  ...
  "publishConfig": {
    "access": "public"
  }
}

And now you can use it within CI tools or simply

npm publish

It costed me some time to figure this out, so I hope it saves some time for the future readers.