cli icon indicating copy to clipboard operation
cli copied to clipboard

Published 20 hours ago verified publisher icon npm

[BUG] npm pack fails for scoped package from private registry when it's not in the cache

Open Drilmo opened this issue 3 years ago • 4 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

This issue exists in the latest npm version

  • [X] I am using the latest npm

Current Behavior

Since version 7.x if the scoped package is not present in the cache the command "npm pack @foo/bar@baz" returns a 404 error.

Refer to this issue : #2918

Expected Behavior

The command "npm pack @foo/bar@baz" work again with scoped package like npm 6.14.

Steps To Reproduce

  1. Create package with scope like "@foo/bar" in version 1.0.0
  2. On a server that has never installed this package, try using the command "npm pack @foo/[email protected]"
  3. A 404 error occurs.
  4. However, if you do "npm i @foo/[email protected]" it works without error.
  5. Try using the "npm pack @foo/[email protected]" command again
  6. it will work without error.
  7. now try to use "npm cache clean --force"
  8. Try using the "npm pack @foo/[email protected]" command again
  9. A 404 error occurs.

Environment

  • npm: 8.5.5
  • Node.js: 17.8.0
  • OS Name: ubuntu (20.04) macos (latest) windows (latest)

Drilmo avatar Apr 07 '22 09:04 Drilmo

Can you show the output of npm config ls, it looks like there is a scoped registry setting that npm pack is missing that npm install is picking up.

wraithgar avatar May 04 '22 17:05 wraithgar

Hi, I have similar issue, here's the output of my npm config ls

; "builtin" config from C:\Program Files\nodejs\node_modules\npm\npmrc

; prefix = "C:\\Users\\******\\AppData\\Roaming\\npm" ; overridden by user

; "user" config from C:\Users\******\.npmrc

@project-one:registry = "https://<REPO_ADDRESS>/api/v4/packages/npm/"
//<REPO_2_ADDRESS>/repository/npm-public/:_password = (protected)
//<REPO_2_ADDRESS>/repository/npm-public/:username = "admin"
always-auth = true
prefix = "C:\\Users\\******\\AppData\\Roaming\\npm"
registry = "https://<REPO_2_ADDRESS>/repository/npm-public/"

; "project" config from C:\___DEV___\repo-dir\environment-definition\docker\frontend\.npmrc

@project-2:registry = "https://<REPO_ADDRESS>/api/v4/packages/npm/"
//<REPO_ADDRESS>/api/v4/packages/npm/:_authToken = (protected)

; node bin location = C:\Program Files\nodejs\node.exe
; node version = v16.15.1
; npm local prefix = C:\___DEV___\repo-dir\environment-definition\docker\frontend
; npm version = 8.11.0
; cwd = C:\___DEV___\repo-dir\environment-definition\docker\frontend
; HOME = C:\Users\******
; Run `npm config ls -l` to show all defaults.

In my case I needed packages only from the repo scoped as @project-2 so I could work around the issue by removing @project-2: from my instance .npmrc registry definition.

WojtekWZ avatar Mar 02 '23 16:03 WojtekWZ

Same for me using npm v9.5.1

ben12 avatar Mar 31 '23 11:03 ben12

Remove the "path" component from the URI fragment of your .npmrc file auth config, so the credential is scoped to the host instead of a specific path:

//your_gitlab_host/:_authToken=${NPM_TOKEN}

i.e. that’s ~~/api/v4/packages/npm ~~ for //gitlab.com/api/v4/packages/npm/:_authToken=${NPM_TOKEN}

https://docs.npmjs.com/cli/v8/configuring-npm/npmrc/#auth-related-configuration https://docs.gitlab.com/ee/user/packages/npm_registry/#authenticate-to-the-package-registry https://gitlab.com/gitlab-org/gitlab/-/issues/352962

dicksonhk avatar Jun 04 '24 06:06 dicksonhk