npm private packages lookup from wrong (public) registry #28905
Unanswered
fjakop
asked this question in
Request Help
Replies: 1 comment
-
Renovate has never used the lockfile as the source of truth for "which registry should we look up?". Renovate will look for:
If you don't have the file in the repo then you need one of the last two in your config. Also, it's not even Renovate which writes to |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
What would you like help with?
I would like help with my configuration
How are you running Renovate?
Self-hosted
If you're self-hosting Renovate, tell us which platform (GitHub, GitLab, etc) and which version of Renovate.
GitLab, ghcr.io/renovatebot/renovate:37.338.0
Please tell us more about your question or problem
A few months ago lookup of packages from private registry was ok. Now it seems that package-lock.json is no longer taken in account and all packages are tried to be looked up from https://registry.npmjs.org instead of the private one.
config.json hostrules
package-lock.json
There's no .npmrc present.
Was there some major change to renovatebot which makes a change to config necessary?
Kind regards
Frank
Logs (if relevant)
Logs
Beta Was this translation helpful? Give feedback.
All reactions