refactor: change order for publishing

[nfischer]

This completely changes the order of steps we follow for publishing a
package. The goal here is to move npm publish as close as possible to
the beginning so that we can error-out early if it fails (e.g. 2FA
errors).

At a high level, our new steps are:

• npm version (bump version, commit, make tag)
• echo npm publish
  • if successful, push commit & tag
  • if failed, undo commit & tag

In the case of failure, we still provide the same granularity of error
output: we check to see if the user is logged in, if they're
owner/contributor, etc. In addition, we also provide some error output
if the user is outside of a git repo (the usual cause for npm version
failures).

While this refactor is done to enable supporting 2FA, this does not
itself provide OTP support. This refactor also adds TODOs for other
bugs, which will be resolved in follow-up PRs.

Issue #5

[nfischer]

@freitagbr this is battle tested on the v0.2.0 releases for the plugins:

• https://github.com/nfischer/shelljs-plugin-tr
• https://github.com/nfischer/shelljs-plugin-inspect
• https://github.com/nfischer/shelljs-plugin-clear
• https://github.com/nfischer/shelljs-plugin-sleep
• https://github.com/shelljs/plugin-open

This finishes way faster now (about 6-7 seconds). I did local tests with an extra patch for --otp which will wrap up #5, but I'll upload that in a separate PR.

[freitagbr]

We can fix issue #4 while we're here.

[freitagbr]

This can be checked easily:

if (exec('git rev-parse --abbrev-ref HEAD').trim() !== 'master') {
    echo('');
    echo('Releases are permitted only from the master branch.');
    exit(1);
}

[nfischer]

Let's keep it in a separate PR

[freitagbr]

LGTM

[nfischer]

Thanks! I'll upload PRs later to finish #5 and fix the TODOs for #4 and #2