Publishing to npm and Semantic Versioning

Before publishing, always run npm publish --dry-run. This simulates the publish without actually uploading anything, showing you exactly which files would be included, their sizes, and the package tarball contents. It catches common mistakes like accidentally including source files or missing the dist directory.

Control what gets published using the files field in package.json: "files": ["dist", "README.md"]. This whitelist approach is safer than .npmignore (which is a blacklist and can leak sensitive files if you forget to add them). Always include dist, type declarations, and documentation. Never include src, tests, or node_modules.