Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
feat: drop NPM_TOKEN support (#9391)
Removes support for NPM_TOKEN.

BREAKING CHANGE: Do not use NPM_TOKEN in env to configure npm authentication. Configure hostRules instead.
  • Loading branch information
rarkins committed Apr 22, 2021
1 parent 1a1ace9 commit 5701504
Show file tree
Hide file tree
Showing 10 changed files with 1 addition and 67 deletions.
2 changes: 1 addition & 1 deletion docs/usage/private-modules.md
Expand Up @@ -64,7 +64,7 @@ module.exports = {
};
```

**NOTE:** Do not use `NPM_TOKEN` as an environment variable, it's incompatible with `hostRules` and will be deprecated soon.
**NOTE:** Do not use `NPM_TOKEN` as an environment variable.

### Commit .npmrc file into repository

Expand Down
1 change: 0 additions & 1 deletion lib/config/presets/npm/index.spec.ts
Expand Up @@ -7,7 +7,6 @@ jest.mock('registry-auth-token');
jest.mock('delay');

describe(getName(__filename), () => {
delete process.env.NPM_TOKEN;
beforeEach(() => {
jest.resetAllMocks();
setAdminConfig();
Expand Down
39 changes: 0 additions & 39 deletions lib/datasource/npm/__snapshots__/index.spec.ts.snap
Expand Up @@ -519,45 +519,6 @@ Array [
]
`;
exports[`datasource/npm/index should use NPM_TOKEN if provided 1`] = `
Object {
"name": "@foobar/core",
"registryUrl": "https://registry.npmjs.org/",
"releases": Array [
Object {
"releaseTimestamp": "2018-05-06T05:21:53.000Z",
"version": "0.0.1",
},
Object {
"releaseTimestamp": "2018-05-07T05:21:53.000Z",
"version": "0.0.2",
},
],
"sourceDirectory": "src/a",
"sourceUrl": "https://github.com/renovateapp/dummy",
"tags": Object {
"latest": "0.0.1",
},
"versions": Object {},
}
`;
exports[`datasource/npm/index should use NPM_TOKEN if provided 2`] = `
Array [
Object {
"headers": Object {
"accept": "application/json",
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer some-token",
"host": "registry.npmjs.org",
"user-agent": "https://github.com/renovatebot/renovate",
},
"method": "GET",
"url": "https://registry.npmjs.org/@foobar%2Fcore",
},
]
`;
exports[`datasource/npm/index should use default registry if missing from npmrc 1`] = `
Object {
"name": "foobar",
Expand Down
16 changes: 0 additions & 16 deletions lib/datasource/npm/index.spec.ts
Expand Up @@ -15,7 +15,6 @@ const registryAuthToken: jest.Mock<_registryAuthToken.NpmCredentials> = _registr
let npmResponse: any;

describe(getName(__filename), () => {
delete process.env.NPM_TOKEN;
beforeEach(() => {
jest.resetAllMocks();
httpMock.setup();
Expand Down Expand Up @@ -269,21 +268,6 @@ describe(getName(__filename), () => {
expect(httpMock.getTrace()).toMatchSnapshot();
});

it('should use NPM_TOKEN if provided', async () => {
httpMock
.scope('https://registry.npmjs.org', {
reqheaders: { authorization: 'Bearer some-token' },
})
.get('/@foobar%2Fcore')
.reply(200, { ...npmResponse, name: '@foobar/core' });
const oldToken = process.env.NPM_TOKEN;
process.env.NPM_TOKEN = 'some-token';
const res = await getPkgReleases({ datasource, depName: '@foobar/core' });
process.env.NPM_TOKEN = oldToken;
expect(res).toMatchSnapshot();
expect(httpMock.getTrace()).toMatchSnapshot();
});

it('should use host rules by hostName if provided', async () => {
hostRules.add({
hostType: 'npm',
Expand Down
1 change: 0 additions & 1 deletion lib/datasource/npm/npmrc.spec.ts
Expand Up @@ -9,7 +9,6 @@ const sanitize = mocked(_sanitize);

describe(getName(__filename), () => {
beforeEach(() => {
delete process.env.NPM_TOKEN;
setNpmrc('');
setAdminConfig();
jest.resetAllMocks();
Expand Down
5 changes: 0 additions & 5 deletions lib/datasource/npm/npmrc.ts
Expand Up @@ -129,11 +129,6 @@ export function resolvePackage(packageName: string): PackageResolution {
{ token: maskToken(authInfo.token), npmName: packageName },
'Using auth (via npmrc) for npm lookup'
);
} else if (process.env.NPM_TOKEN && process.env.NPM_TOKEN !== 'undefined') {
logger.warn(
'Support for NPM_TOKEN in env will be dropped in the next major release'
);
headers.authorization = `Bearer ${process.env.NPM_TOKEN}`;
}
return { headers, packageUrl, registryUrl };
}
1 change: 0 additions & 1 deletion lib/manager/npm/post-update/lerna.ts
Expand Up @@ -99,7 +99,6 @@ export async function generateLockFiles(
if (getAdminConfig().trustLevel === 'high') {
execOptions.extraEnv.NPM_AUTH = env.NPM_AUTH;
execOptions.extraEnv.NPM_EMAIL = env.NPM_EMAIL;
execOptions.extraEnv.NPM_TOKEN = env.NPM_TOKEN;
}
if (config.dockerMapDotfiles) {
const homeDir =
Expand Down
1 change: 0 additions & 1 deletion lib/manager/npm/post-update/npm.ts
Expand Up @@ -74,7 +74,6 @@ export async function generateLockFile(
if (getAdminConfig().trustLevel === 'high') {
execOptions.extraEnv.NPM_AUTH = env.NPM_AUTH;
execOptions.extraEnv.NPM_EMAIL = env.NPM_EMAIL;
execOptions.extraEnv.NPM_TOKEN = env.NPM_TOKEN;
}
if (config.dockerMapDotfiles) {
const homeDir =
Expand Down
1 change: 0 additions & 1 deletion lib/manager/npm/post-update/pnpm.ts
Expand Up @@ -53,7 +53,6 @@ export async function generateLockFile(
if (getAdminConfig().trustLevel === 'high') {
execOptions.extraEnv.NPM_AUTH = env.NPM_AUTH;
execOptions.extraEnv.NPM_EMAIL = env.NPM_EMAIL;
execOptions.extraEnv.NPM_TOKEN = env.NPM_TOKEN;
}
if (config.dockerMapDotfiles) {
const homeDir =
Expand Down
1 change: 0 additions & 1 deletion lib/manager/npm/post-update/yarn.ts
Expand Up @@ -124,7 +124,6 @@ export async function generateLockFile(
if (getAdminConfig().trustLevel === 'high') {
execOptions.extraEnv.NPM_AUTH = env.NPM_AUTH;
execOptions.extraEnv.NPM_EMAIL = env.NPM_EMAIL;
execOptions.extraEnv.NPM_TOKEN = env.NPM_TOKEN;
}
if (config.dockerMapDotfiles) {
const homeDir =
Expand Down

0 comments on commit 5701504

Please sign in to comment.