New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] npm publish
and npm install
fail depending on .npmrc
syntax used
#2567
Comments
Using When using the following project
If I run |
I'm having trouble replicating this locally. I can publish just fine using the config setup mentioned. Here's the output of $ npm config list
; "builtin" config from /Users/wraithgar/.nvm/versions/node/v14.15.4/lib/node_modules/npm/npmrc
foo = "bar"
pid = "6284"
; "user" config from /Users/wraithgar/.npmrc
@npm:registry = "https://npm.pkg.github.com"
; @wraithgar:registry = "https://npm.pkg.github.com" ; overridden by project
//npm.pkg.github.com/:_authToken = (protected)
//registry.npmjs.org/:_authToken = (protected)
init.author.email = "gar+npm@danger.computer"
init.author.name = "Gar"
; "project" config from /Users/wraithgar/Development/npm/gh-registry-test/.npmrc
@wraithgar:registry = "https://npm.pkg.github.com/"
; "cli" config from command line options
omit = []
user-agent = "npm/7.5.2 node/v14.15.4 darwin x64"
; node bin location = /Users/wraithgar/.nvm/versions/node/v14.15.4/bin/node
; cwd = /Users/wraithgar/Development/npm/gh-registry-test
; HOME = /Users/wraithgar
; Run `npm config ls -l` to show all defaults. And the {
"name": "@wraithgar/gh-registry-test",
"version": "1.0.1",
"description": "github registry test package",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "Gar <gar+npm@danger.computer>",
"license": "ISC",
"dependencies": {
"bootstrap": "^4.6.0"
}
} With or without a package-lock, or having the packages installed, publishing works just fine. Can you share the output of |
Sure thing. This is the output of running ; "user" config from /Users/jst/.npmrc
; @my-org:registry = "https://npm.pkg.github.com/" ; overridden by project
//npm.pkg.github.com/:_authToken = (protected)
; "project" config from /Users/jst/Code/my-project/.npmrc
@my-org:registry = "https://npm.pkg.github.com/"
; "cli" config from command line options
omit = []
user-agent = "npm/7.5.2 node/v15.7.0 darwin arm64"
; node bin location = /Users/jst/.nvm/versions/node/v15.7.0/bin/node
; cwd = /Users/jst/Code/my-project
; HOME = /Users/jst
; Run `npm config ls -l` to show all defaults. |
I'm seeing something similar. npm v7 was just "released" and now all our
This still generates an .npmrc file that looks identical between npm v6 and npm v7.
However, attempting to use it fails on v7:
|
I can also confirm that adding |
ok! I was able to duplicate this locally be removing the login token for registry.npmjs.org from my |
I'm glad that the If this is not feasible for your current setup, but adding a line to your |
I am trying to use a different internal repository. It is not clear to me how (if?) your suggested workaround fixes things. |
The bug is fixed in this PR #2602 What happens is that currently the cli is only looking for your configured "registry" setting when seeing if you have logged in. So the temporary solution is either to override that setting (as you were doing by passing |
Sorry for being dumb about this, but can you provide an example of what a "dummy token" would look like in the |
Not at all! Here's what I used locally to test that approach: //registry.npmjs.org/:_authToken=dummy
Very good question. No it will not, that token is only ever inspected by the npm registry for things that actually require auth (i.e. publishing, reading private scoped packages, star/unstar). A request for a public (scoped or unscoped) package won't be affected by a bad auth token. |
Just a reminder that's still a temporary solution, it'd of course be best to remove the dummy token once that PR lands. |
Yep, thanks. I can confirm that works and is a much easier workaround when doing manual publishing. |
I have this problem npm ERR! A complete log of this run can be found in: |
This should be fixed now as of |
Unfortunately, #2639 prevented a clean update to |
Current Behavior:
I am attempting to configure a project to install dependencies from NPM. I will be publishing the project to GitHub Packages as a private package. If I use this syntax in my project's
.npmrc
:I can install dependencies from NPM using
npm install
on my local machine. However, I cannot publish to GitHub Packages usingnpm publish
. NPM informs me that I'm not authenticated. If I use this syntax in my project's.npmrc
:I can publish using
npm publish
, but I cannot install dependencies withnpm install
. NPM informs me that it's trying to install dependencies from GitHub Packages, rather than NPM.Expected Behavior:
Based on my reading, both syntaxes should be compatible with
npm install
andnpm publish
. However, it appears I can only use one or the other, based on my intended use.Steps To Reproduce:
Install Node
v15.7.0
and NPM7.4.3
via nvm.Log in to GitHub Packages with the command:
Check our
~/.npmrc
file in our home folder. It should read:Create project with the following
package.json
:Add the following
.npmrc
to our project:Run
npm install
. Installation should succeed.Run
npm publish
. Receive the following error:Change the project
.npmrc
to:Run
npm publish
. Publishing should succeed.rm -rf node_modules/ package-lock.json
in project.Run
npm install
. Receive following error:Environment:
The text was updated successfully, but these errors were encountered: