About Is their any risk that anyone else can see my site source
There is no way to protect javascript intended to run in a browser from a determined viewer. If the browser can run it, then any determined viewer can view/run it also.
About NPM:
npm is a package manager for the JavaScript programming language maintained by npm, Inc. npm is the default package manager for the JavaScript runtime environment Node.js.
The npm registry contains packages, many of which are also Node modules, or contain Node modules.
npm has two types of packages,
one is public which everyone can see while the other is, private package which others can't see.
So if you fear that people will see the source code in your package, just make it private or just don't put your code on npm at all.
Thank You so much for your answer I am just talking about that will my site will be published open source or not as I am really afraid as I seen that every github repo is automatically listed in npm packages but I am using my own server I am just using npm run docs:build in order to generate static site so I am just asking that is their any risk that it will be also automatically published and one more thing what's the procedure to make it private, I am using VuePress
Open-source as in software is computer software that is released under a license in which the copyright holder grants users the rights to use, study, change, and distribute the software and its source code to anyone and for any purpose. So it depends on you how you want to release a software. A site is on the other end is copyrighted to the owner. For more info you need to hire a professional.
And for npm private package, take a look here: docs.npmjs.com/creating-and-publishing-private-packages
If it helps you, please mark this as an answer by clicking on the tick mark.
OK But My question is still isn't answered just yes or no If I am just generating static site with npm run docs:build so in middle it is automatically published anywhere or at any place or not?