I do something similar to what @phd suggests which is to do a clean clone. The only difference is that I do it on my local machine.

This is how I do it:

set -euo pipefail

function publish() {
    local path="$PWD";
    local tmp;
    tmp="$(mktemp -d)";
    cd "$tmp";
    git init;
    git remote add origin "$path/.git";
    git fetch origin;
    git checkout "${1:-$BRANCH}"
    cd "$tmp";
    npm i;
    npm audit;
    npm t;
    [[ -z "$(git status -s)" ]] || {
        echo "aborting publish: contains uncommited files."
        exit 1
    };
    npm publish
}

You can see the full script over at https://github.com/bas080/git-npm/blob/master/lib/git-npm