semantic-release
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v2
       - uses: bahmutov/npm-install@v1
       - run: npx semantic-release
         env:

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -1,15 +1,13 @@
 name: Test
-
-on:
+"on":
   push:
     branches:
       - master
-
+      - renovate/**
   pull_request:
     types:
       - opened
       - synchronize
-
 jobs:
   test_matrix:
     strategy:
@@ -20,31 +18,23 @@ jobs:
           - 14
         os:
           - ubuntu-latest
-          # only ubuntu has the "docker" binary available
-          # - macos-latest
-          # - windows-latest
-
-    runs-on: ${{ matrix.os }}
-
+    runs-on: "${{ matrix.os }}"
     steps:
       - uses: actions/checkout@v2
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+      - name: "Use Node.js ${{ matrix.node-version }}"
+        uses: actions/setup-node@v2
         with:
-          node-version: ${{ matrix.node-version }}
+          node-version: "${{ matrix.node-version }}"
       - uses: bahmutov/npm-install@v1
-      - run: npm run test:ci
-
-  # separate job to set as required in branch protection,
-  # as the build names above change each time Node versions change
+      - run: "npm run test:ci"
   test:
     runs-on: ubuntu-latest
     needs: test_matrix
     steps:
       - uses: actions/checkout@v2
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+      - name: "Use Node.js ${{ matrix.node-version }}"
+        uses: actions/setup-node@v2
         with:
-          node-version: ${{ matrix.node-version }}
+          node-version: "${{ matrix.node-version }}"
       - uses: bahmutov/npm-install@v1
       - run: npm run lint
diff --git a/README.md b/README.md
@@ -45,12 +45,13 @@ Both the [token](https://docs.npmjs.com/getting-started/working_with_tokens) and
 
 ### Environment variables
 
-| Variable       | Description                                                                                                                   |
-| -------------- | ----------------------------------------------------------------------------------------------------------------------------- |
-| `NPM_TOKEN`    | Npm token created via [npm token create](https://docs.npmjs.com/getting-started/working_with_tokens#how-to-create-new-tokens) |
-| `NPM_USERNAME` | Npm username created via [npm adduser](https://docs.npmjs.com/cli/adduser) or on [npmjs.com](https://www.npmjs.com)           |
-| `NPM_PASSWORD` | Password of the npm user.                                                                                                     |
-| `NPM_EMAIL`    | Email address associated with the npm user                                                                                    |
+| Variable                | Description                                                                                                                   |
+| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------- |
+| `NPM_TOKEN`             | Npm token created via [npm token create](https://docs.npmjs.com/getting-started/working_with_tokens#how-to-create-new-tokens) |
+| `NPM_USERNAME`          | Npm username created via [npm adduser](https://docs.npmjs.com/cli/adduser) or on [npmjs.com](https://www.npmjs.com)           |
+| `NPM_PASSWORD`          | Password of the npm user.                                                                                                     |
+| `NPM_EMAIL`             | Email address associated with the npm user                                                                                    |
+| `NPM_CONFIG_USERCONFIG` | Path to non-default .npmrc file                                                                                                 |
 
 Use either `NPM_TOKEN` for token authentication or `NPM_USERNAME`, `NPM_PASSWORD` and `NPM_EMAIL` for legacy authentication
 
@@ -62,7 +63,7 @@ Use either `NPM_TOKEN` for token authentication or `NPM_USERNAME`, `NPM_PASSWORD
 | `pkgRoot`    | Directory path to publish.                                                                                          | `.`                                                                                                                              |
 | `tarballDir` | Directory path in which to write the the package tarball. If `false` the tarball is not be kept on the file system. | `false`                                                                                                                          |
 
-**Note**: The `pkgRoot` directory must contains a `package.json`. The version will be updated only in the `package.json` and `npm-shrinkwrap.json` within the `pkgRoot` directory.
+**Note**: The `pkgRoot` directory must contain a `package.json`. The version will be updated only in the `package.json` and `npm-shrinkwrap.json` within the `pkgRoot` directory.
 
 **Note**: If you use a [shareable configuration](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/shareable-configurations.md#shareable-configurations) that defines one of these options you can set it to `false` in your [**semantic-release** configuration](https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#configuration) in order to use the default value.
 
@@ -121,7 +122,7 @@ When publishing from a sub-directory with the `pkgRoot` option, the `package.jso
 ```json
 {
   "scripts": {
-    "postpublish": "cp -r package.json .. && cp -r npm-shrinkwrap.json .."
+    "postversion": "cp -r package.json .. && cp -r npm-shrinkwrap.json .."
   }
 }
 ```
diff --git a/lib/definitions/errors.js b/lib/definitions/errors.js
@@ -36,7 +36,8 @@ Please make sure to create an [npm token](https://docs.npmjs.com/getting-started
       'README.md#npm-registry-authentication'
     )}) configured in the \`NPM_TOKEN\` environment variable must be a valid [token](https://docs.npmjs.com/getting-started/working_with_tokens) allowing to publish to the registry \`${registry}\`.
 
-If you are using Two-Factor Authentication, make configure the \`auth-only\` [level](https://docs.npmjs.com/getting-started/using-two-factor-authentication#levels-of-authentication) is supported. **semantic-release** cannot publish with the default \`auth-and-writes\` level.
+If you are using Two Factor Authentication for your account, set its level to ["Authorization only"](https://docs.npmjs.com/getting-started/using-two-factor-authentication#levels-of-authentication) in your account settings. **semantic-release** cannot publish with the default "
+Authorization and writes" level.
 
 Please make sure to set the \`NPM_TOKEN\` environment variable in your CI with the exact value of the npm token.`,
   }),

diff --git a/lib/get-pkg.js b/lib/get-pkg.js
@@ -15,8 +15,8 @@ module.exports = async ({pkgRoot}, {cwd}) => {
   } catch (error) {
     if (error.code === 'ENOENT') {
       throw new AggregateError([getError('ENOPKG')]);
-    } else {
-      throw new AggregateError([error]);
     }
+
+    throw new AggregateError([error]);
   }
 };
diff --git a/lib/get-registry.js b/lib/get-registry.js
@@ -7,5 +7,9 @@ module.exports = ({publishConfig: {registry} = {}, name}, {cwd, env}) =>
   env.NPM_CONFIG_REGISTRY ||
   getRegistryUrl(
     name.split('/')[0],
-    rc('npm', {registry: 'https://registry.npmjs.org/'}, {config: path.resolve(cwd, '.npmrc')})
+    rc(
+      'npm',
+      {registry: 'https://registry.npmjs.org/'},
+      {config: env.NPM_CONFIG_USERCONFIG || path.resolve(cwd, '.npmrc')}
+    )
   );