Create a README file that explains what your package code is and how to use it.
In your preferred text editor, write the code for your package.
Reviewing package contents for sensitive or unnecessary information
Publishing sensitive information to the registry can harm your users, compromise your development infrastructure, be expensive to fix, and put you at risk of legal action. We strongly recommend removing sensitive information, such as private keys, passwords, personally identifiable information (PII), and credit card data before publishing your package to the registry.
For less sensitive information, such as testing data, use a .npmignore or .gitignore file to prevent publishing to the registry. For more information, see this article.
Testing your package
To reduce the chances of publishing bugs, we recommend testing your package before publishing it to the npm registry. To test your package, run npm install with the full path to your package directory:
npm install my-package
Publishing scoped public packages
By default, scoped packages are published with private visibility. To publish a scoped package with public visibility, use npm publish --access public.
On the command line, navigate to the root directory of your package.
To publish your scoped public package to the npm registry, run:
npm publish --access public
To see your public package page, visit https://npmjs.com/package/\*package-name\*, replacing *package-name* with the name of your package. Public packages will say public below the package name on the npm website.