Commit 7d4f90d

Simplify documentation
1 parent 88e9a6e commit 7d4f90d

2 files changed

+6
-7
lines changed

content/integrations/integrating-npm-with-external-services/using-private-packages-in-a-ci-cd-workflow.mdx

Lines changed: 2 additions & 4 deletions
@@ -46,10 +46,8 @@ If trusted publishing is not available for your CI/CD provider, you can create a
4646
**Security considerations for bypass 2FA:**
4747

4848
- Only enable bypass 2FA when necessary for automated publishing workflows
49-
- Use the most restrictive permissions possible (limit to specific packages/scopes)
50-
- Set short expiration dates for tokens with bypass 2FA enabled
51-
- Consider using IP address restrictions to limit where the token can be used
52-
- Regularly audit and rotate tokens with bypass 2FA capabilities
49+
- Use restrictive permissions and short expiration dates
50+
- Consider IP address restrictions and regular token rotation
5351
- Use trusted publishing instead of bypass 2FA tokens whenever possible
5452

5553
</Note>
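
Review bot: The merged bullets at new lines 49-50 lose two concrete instructions from the old list: the scoping hint "(limit to specific packages/scopes)" and the word "audit" from "Regularly audit and rotate tokens". "Use restrictive permissions" no longer tells the reader what to restrict, and folding rotation under "Consider ..." turns what was a direct instruction into an optional one. Suggest keeping the parenthetical on line 49 and wording line 50 so that rotation and auditing stay imperative, for example by splitting IP restrictions (optional) from audit and rotation (expected).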

content/packages-and-modules/securing-your-code/requiring-2fa-for-package-publishing-and-settings-modification.mdx

Lines changed: 4 additions & 3 deletions
@@ -14,9 +14,10 @@ For CI/CD workflows, consider using [trusted publishing](/trusted-publishers), w
1414

1515
**Important notes about granular access tokens:**
1616

17-
- **When bypass2FA is true**: The token will bypass all 2FA requirements at all times, regardless of account-level or package-level 2FA settings
18-
- **When bypass2FA is false (default)**: The system will check account-level and package-level settings to determine if 2FA is required
19-
- When "disallow tokens" is selected at the package level, granular access tokens cannot be used regardless of their bypass 2FA setting
17+
- Bypass 2FA configuration is set at token creation
18+
- When **bypass 2FA is disabled**: The system will check account-level and package-level settings to determine if 2FA is required
19+
- When **bypass 2FA is enabled**: The token will bypass all 2FA requirements at all times, regardless of account-level or package-level 2FA settings
20+
- When **Require two-factor authentication and disallow tokens** is selected at the package level, granular access tokens cannot be used regardless of their bypass 2FA setting
2021

2122
</Note>
2223
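
Review bot: The rewritten bullet at new line 18 drops "(default)" from the disabled case, so the note no longer states that a granular access token does not bypass 2FA unless that is explicitly turned on. That default is the security-relevant fact here; suggest "When **bypass 2FA is disabled** (default): ...". The new bullet at line 17 says the setting "is set at token creation" but does not say whether it can be changed afterwards, which is what a reader auditing existing tokens will want to know. The literal `bypass2FA` name is also gone from this note; if that name is what users see in an API or CLI, mention it once so the two spellings can be matched.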
