Current Behavior:
I am attempting to configure a project to install dependencies from NPM. I will be publishing the project to GitHub Packages as a private package. If I use this syntax in my project's .npmrc:
#my-org:registry=https://npm.pkg.github.com/
I can install dependencies from NPM using npm install on my local machine. However, I cannot publish to GitHub Packages using npm publish. NPM informs me that I'm not authenticated. If I use this syntax in my project's .npmrc:
registry=https://npm.pkg.github.com/my-org/
I can publish using npm publish, but I cannot install dependencies with npm install. NPM informs me that it's trying to install dependencies from GitHub Packages, rather than NPM.
Expected Behavior:
Based on my reading, both syntaxes should be compatible with npm install and npm publish. However, it appears I can only use one or the other, based on my intended use.
Steps To Reproduce:
Install Node v15.7.0 and NPM 7.4.3 via nvm.
Log in to GitHub Packages with the command:
npm login --scope=#my-org --registry=https://npm.pkg.github.com
Check our ~/.npmrc file in our home folder. It should read:
#my-org:registry=https://npm.pkg.github.com/
//npm.pkg.github.com/:_authToken=<auth-token-used-for-login>
Create project with the following package.json:
{
"name": "#my-org/my-package",
"description": "A test.",
"version": "1.0.0",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"repository": {
"type": "git",
"url": "https://github.com/my-org/my-package.git"
},
"keywords": ["example"],
"author": "Me",
"license": "ISC",
"bugs": {
"url": "https://github.com/my-org/my-package/issues"
},
"homepage": "https://github.com/my-org/my-package",
"dependencies": {
"bootstrap": "^4.5.2"
}
}
Add the following .npmrc to our project:
#my-org:registry=https://npm.pkg.github.com/
Run npm install. Installation should succeed.
Run npm publish. Receive the following error:
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/my-user/.npm/_logs/2021-01-28T20_19_55_974Z-debug.log
Change the project .npmrc to:
registry=https://npm.pkg.github.com/my-org/
Run npm publish. Publishing should succeed.
rm -rf node_modules/ package-lock.json in project.
Run npm install. Receive following error:
npm ERR! code E401
npm ERR! Incorrect or missing password.
npm ERR! If you were trying to login, change your password, create an
npm ERR! authentication token or enable two-factor authentication then
npm ERR! that means you likely typed your password in incorrectly.
npm ERR! Please try again, or recover your password at:
npm ERR! https://www.npmjs.com/forgot
npm ERR!
npm ERR! If you were doing some other operation then your saved credentials are
npm ERR! probably out of date. To correct this please try logging in again with:
npm ERR! npm login
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/my-user/.npm/_logs/2021-01-28T20_38_20_711Z-debug.log
Environment:
OS:
MacOS Catalina 10.15.7
MacOS Big Sur 11.1
Node: 15.7.0
npm: 7.4.3
Things I've tried
Using publishConfig
Unfortunately, publishConfig doesn't fix the issue. It also doesn't address that the two .npmrc syntaxes produce different results.
Project .npmrc authToken
NPM's documentation states there is no need to include the authToken in the project .npmrc. Authenticating with npm login and storing the authToken in the global ~/.npmrc should be sufficient.
Workaround
Using the --registry command line flag
I've found a workaround until the NPM bug affecting this issue is resolved. When using the following project .npmrc syntax:
#my-org:registry=https://npm.pkg.github.com/
If I run npm publish --registry=https://npm.pkg.github.com/, I can publish successfully. In addition, I can install dependencies without issue.
Update (May 30, 2021)
This has been fixed in NPM 7.5.3 and above.
Original answer (April 20, 2021)
This has been confirmed as a bug on NPM 7.x. The team is currently working to fix the bug with their GitHub Pull Request #2602. Until this bug fix has been released, the best recommendation is to do one of the workarounds listed below.
Workaround 1: --registry command line flag
When running npm publish, add the --registry flag. This flag enables developers to specify the registry they're aiming to publish to, overriding .npmrc or package.json configurations. For the example listed in my question, the project .npmrc should contain:
#my-org:registry=https://npm.pkg.github.com/
Publishing will succeed when initiated by running:
npm publish --registry=https://npm.pkg.github.com/
Workaround 2: Dummy token for default registry
According to npm developer wraithgar's comment on this bug's GitHub issue, you can use a dummy token for the default NPM registry to workaround this issue. In our project's .npmrc, add the following line:
//registry.npmjs.org/:_authToken=dummy
The full project .npmrc should contain:
//registry.npmjs.org/:_authToken=dummy
#my-org:registry=https://npm.pkg.github.com/
In the question, neither of the project .npmrc syntax's we've tried to use has designated a registry, because NPM's documentation states we don't have to. The documentation states that it'll check our global ~/.npmrc if there isn't one in our project .npmrc. The bug in NPM is causing NPM to check if a project .npmrc has designated a registry before it'll attempt to authenticate. In wraithgar's own words:
What happens is that currently the cli is only looking for your configured "registry" setting when seeing if you have logged in. So the temporary solution is either to override that setting (as you were doing by passing --registry), OR to add a token for the default (npm) registry so that the check for a token does not fail. The check is only looking for the presence of a token in the config, it's not validating it (that of course will happen when and if it is used during an actual request), so putting a dummy value in will stop the error until that PR lands.
After adding the dummy token, running npm publish and npm install should both succeed.
I had the same error. First thing I have fixed was npm version to > 7.5.3 as suggested in accepted answer, but no luck, same error:
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
After trying all of advised workarounds it still was giving the same output. Finally I found the reason: I forgot to add the scope in the package.json "name" property, so problem was solved by changing
{
"name": "my-package",
...
to
{
"name": "#my-org/my-package",
...
I found 2 problems in steps from 1 to 7.
in step 4, did you try to add the field below in the package.json
"publishConfig": {
"registry": "https://npm.pkg.github.com/"
}
in .npmrc in step 5, I didn't see //npm.pkg.github.com/:_authToken=<auth-token-used-for-login>, remember // is not the comment. ; or # are for comments. https://docs.npmjs.com/cli/v6/configuring-npm/npmrc#comments
Related
The error I'm getting is like this:
vaibhav#Knighthood MINGW64 ~/Desktop/Coding NInja/tool (master)
$ npm start
> tool#0.1.0 start C:\Users\vaibhav\Desktop\Coding NInja\tool
> react-scripts start
There might be a problem with the project dependency tree.
It is likely not a bug in Create React App, but something you need to fix locally.
The react-scripts package provided by Create React App requires a dependency:
"webpack": "4.42.0"
Don't try to install it manually: your package manager does it automatically.
However, a different version of webpack was detected higher up in the tree:
C:\Users\vaibhav\node_modules\webpack (version: 4.44.1)
Manually installing incompatible versions is known to cause hard-to-debug issues.
If you would prefer to ignore this check, add SKIP_PREFLIGHT_CHECK=true to an .env file in your project.
That will permanently disable this message but you might encounter other issues.
To fix the dependency tree, try following the steps below in the exact order:
1. Delete package-lock.json (not package.json!) and/or yarn.lock in your project folder.
2. Delete node_modules in your project folder.
3. Remove "webpack" from dependencies and/or devDependencies in the package.json file in your project folder.
4. Run npm install or yarn, depending on the package manager you use.
In most cases, this should be enough to fix the problem.
If this has not helped, there are a few other things you can try:
5. If you used npm, install yarn (http://yarnpkg.com/) and repeat the above steps with it instead.
This may help because npm has known issues with package hoisting which may get resolved in future versions.
6. Check if C:\Users\vaibhav\node_modules\webpack is outside your project directory.
For example, you might have accidentally installed something in your home folder.
7. Try running npm ls webpack in your project folder.
This will tell you which other package (apart from the expected react-scripts) installed webpack.
If nothing else helps, add SKIP_PREFLIGHT_CHECK=true to an .env file in your project.
That would permanently disable this preflight check in case you want to proceed anyway.
P.S. We know this message is long but please read the steps above :-) We hope you find them helpful!
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! tool#0.1.0 start: `react-scripts start`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the tool#0.1.0 start script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\vaibhav\AppData\Roaming\npm-cache\_logs\2020-09-01T10_23_38_476Z-debug.log
I have tried to fix the dependency tree by the suggested steps:
Delete package-lock.json (not package.json!) and/or yarn.lock in your project folder.
Delete node_modules in your project folder.
Remove "webpack" from dependencies and/or devDependencies in the
package.json file in your project folder.
Run npm install or yarn, depending on the package manager you use.
But I'm still facing the same error.
My system configurations are:
Node -v : 12.18.3
npm -v : 6.14.8
OS : Windows 10 pro v2004 H1 x64
I was trying to make video conferencing using React, but after installing npm start isn't working. It is showing this in my terminal:
There might be a problem with the project dependency tree.
It is likely not a bug in Create React App, but something you need to fix locally.
The react-scripts package provided by Create React App requires a dependency:
"babel-eslint": "10.1.0"
Don't try to install it manually: your package manager does it automatically.
However, a different version of babel-eslint was detected higher up in the tree:
C:\Users\Vatsal\node_modules\babel-eslint (version: 10.0.0)
Manually installing incompatible versions is known to cause hard-to-debug issues.
If you would prefer to ignore this check, add SKIP_PREFLIGHT_CHECK=true to an .env file in your project.
That will permanently disable this message but you might encounter other issues.
To fix the dependency tree, try following the steps below in the exact order:
1. Delete package-lock.json (not package.json!) and/or yarn.lock in your project folder.
2. Delete node_modules in your project folder.
3. Remove "babel-eslint" from dependencies and/or devDependencies in the package.json file in your project folder.
4. Run npm install or yarn, depending on the package manager you use.
In most cases, this should be enough to fix the problem.
If this has not helped, there are a few other things you can try:
5. If you used npm, install yarn (http://yarnpkg.com/) and repeat the above steps with it instead.
This may help because npm has known issues with package hoisting which may get resolved in future versions.
6. Check if C:\Users\Vatsal\node_modules\babel-eslint is outside your project directory.
For example, you might have accidentally installed something in your home folder.
7. Try running npm ls babel-eslint in your project folder.
This will tell you which other package (apart from the expected react-scripts) installed babel-eslint.
If nothing else helps, add SKIP_PREFLIGHT_CHECK=true to an .env file in your project.
That would permanently disable this preflight check in case you want to proceed anyway.
P.S. We know this message is long but please read the steps above :-) We hope you find them helpful!
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! voom#0.1.0 start: `react-scripts start`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the voom#0.1.0 start script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\Vatsal\AppData\Roaming\npm-cache\_logs\2020-07-29T14_00_29_296Z-debug.log
What I did was that I tried to install webpack globally. I also tried a few suggestions from the Internet and what was suggested in the terminal but nothing helped.
Just follow the exact instructions given in the error log:
To fix the dependency tree, try following the steps below in the exact
order:
Delete package-lock.json (not package.json!) and/or yarn.lock in your project folder.
Delete node_modules in your project folder.
Remove "babel-eslint" from dependencies and/or devDependencies in the package.json file in your project folder.
Run npm install or yarn, depending on the package manager you use.
I create private npm registry with verdaccio.
I want to able to run npm install --registry="http://localhost:4873" and get all dependencies from private registry.
I need to publish all packages from my project node_modules directory.
I had to run npm publish in each package in node_module directory.(I could't find any better way.)
more of them published successfully But in some case, I encountered with the error. for example in zone.js package:
npm ERR! code ELIFECYCLE npm ERR! errno 2 npm ERR! zone.js#0.8.29
prepublish: `tsc && gulp build` npm ERR! Exit status 2 npm ERR! npm
ERR! Failed at the zone.js#0.8.29 prepublish script. npm ERR! This is
probably not a problem with npm. There is likely additional logging
output above. npm WARN Local package.json exists, but node_modules
missing, did you mean to install?
or in acorn package:
acorn#5.7.3 build:main C:\Users\Admin\Desktop\test ng\ng-prj\node_modules\acorn
rollup -c rollup/config.main.js
'rollup' is not recognized as an internal or external command,
operable program or batch file.
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! acorn#5.7.3 build:main: `rollup -c rollup/config.main.js`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the acorn#5.7.3 build:main script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm WARN Local package.json exists, but node_modules missing, did you mean to install?
Is there a simple way of doing this?
here Verdaccio maintainer.
I want to able to run npm install --registry="http://localhost:4873" and get all dependencies from private registry.
What do you want is to have an offline registry with all your dependencies. Publish all node_modules is not practical and almost impossible.
more of them published successfully But in some case, I encountered with the error. for example in zone.js
That's the point, you would need to build each dependency, it just does not make sense. A regular project can easily have thousands of dependencies and sub dependencies. Not to mention you would lose the adventage of future dependencies updates.
So, what you need is cache properly all dependencies in your storage folder.
Run verdaccio $> verdaccio
Be sure you are online
Run npm install --registry="http://localhost:4873
When the finish to install, inspect your local cache, see here how to find it. You should be able to see all the resolved dependencies in the cache.
If you want a real offline experience, comment the proxy from the config file as follows
packages:
'#*/*':
access: $all
publish: $authenticated
# proxy: npmjs
'**':
access: $all
publish: $authenticated
# proxy: npmjs
If you comment out proxy Verdaccio won't ask for any update to the remotes, by default is npmjs, thus, no connection to external networks will be performed.
Restart Verdaccio
Repeat process as much time you need.
So, here, the advantages of this approach.
When yo back offline (you must comment out the proxy section again) you will allow Verdaccio to resolve wether you have new dependencies to be cached (in case you are using semver eg: lodash: ^1.5.6)
You will have a real installation experience, no fear to remove node_modules and clean the npm cache as well.
Storage is just a folder, so you can port it to another place (via USB or LAN)
Share cache with multiple projects and node package manager tools (yarn, npm or pnpn)
You don't have to publish each package in node_modules, thus see point 2).
I hope this helps you. Furthermore, there are other practices related with offline mode, but only with yarn.
We used Juan Picado's advice above. Here's what we did:
edit verdaccio's config file at /home/verdaccio/config.yaml
make sure that proxying is allowed
set the npm registry to point to your verdaccio instance
create a folder (any folder) on the system and run npm install commands to download packages
check the /home/verdaccio/storage/ directory. The downloaded packages plus their dependencies should now be in that directory.
edit verdaccio's config file, commenting out the two "proxy" lines so that proxying is turned off
restart verdaccio
At this point running npm install commands will only point to your verdaccio instance without going out to registry.npmjs.com and the packages in /home/verdaccio/storage will be your offline-available packages.
So whenever I run npm start in my React project it gives me this error:
myapp#0.1.0 start C:\Users\AyaLe\Desktop\React\myapp react-scripts
start
There might be a problem with the project dependency tree. It is
likely not a bug in Create React App, but something you need to fix
locally.
The react-scripts package provided by Create React App requires a
dependency:
"webpack": "4.19.1"
Don't try to install it manually: your package manager does it
automatically. However, a different version of webpack was detected
higher up in the tree:
C:\Users\AyaLe\node_modules\webpack (version: 3.10.0)
Manually installing incompatible versions is known to cause
hard-to-debug issues.
If prefer to ignore this check, add SKIP_PREFLIGHT_CHECK=true to an
.env file in your project. That will permanently disable this message
but you might encounter other issues.
To fix the dependency tree, try following the steps below in the exact
order:
Delete package-lock.json (not package.json!) and/or yarn.lock in your project folder.
Delete node_modules in your project folder.
Remove "webpack" from dependencies and/or devDependencies in the package.json file in your project folder.
Run npm install or yarn, depending on the package manager you use.
In most cases, this should be enough to fix the problem. If this has
not helped, there are a few other things you can try:
If you used npm, install yarn (http://yarnpkg.com/) and repeat the above steps with it instead.
This may help because npm has known issues with package hoisting which may get resolved in future versions.
Check if C:\Users\AyaLe\node_modules\webpack is outside your project directory.
For example, you might have accidentally installed something in your home folder.
Try running npm ls webpack in your project folder.
This will tell you which other package (apart from the expected react-scripts) installed webpack.
If nothing else helps, add SKIP_PREFLIGHT_CHECK=true to an .env file
in your project. That would permanently disable this preflight check
in case you want to proceed anyway.
P.S. We know this message is long but please read the steps above :-)
We hope you find them helpful!
npm ERR! code ELIFECYCLE npm ERR! errno 1 npm ERR! myapp#0.1.0 start:
react-scripts start npm ERR! Exit status 1 npm ERR! npm ERR! Failed
at the myapp#0.1.0 start script. npm ERR! This is probably not a
problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in: npm ERR!
C:\Users\AyaLe\AppData\Roaming\npm-cache_logs\2018-12-02T10_15_24_630Z-debug.log
Also whenever I try to install webpack-cli whenever it asks me to, it gives me another error
It looks like you have "webpack": "3.10.0" installed globally, but you need to have "webpack": "4.19.1". This is causing a conflict.
You need to do the following:
1. $npm uninstall -g webpack
2. $npm install -g webpack#4.19.1
This should solve the issue.
Alternatively, you can try deleting the node_modules folder or specifically the webpack folder in node_modules at the location:
C:\Users\AyaLe\node_modules\webpack (version: 3.10.0)
It seems that you have an incorrect version of 'webpack' installed. Check your package.json file to ensure that you have the correct 'webpack' version.
The file should look like something this :
{
... ,
"dependencies" : {
...,
"webpack" : "<version number>"
}
}
Ensure that the version number is exactly 4.19.1. This will ensure that you install the specific version of webback.
Once you change/update your package.json, try deleting node_modules/ directory and then running npm install in the same directory as your package.json is.
I just created a new package.
I'm now trying to publish it to NPM for the first time like this:
ole#MKI:~/Sandbox/pli$ npm publish --access public
npm ERR! publish Failed PUT 404
npm ERR! Linux 3.13.0-93-generic
npm ERR! argv "/home/ole/.nvm/versions/v6.4.0/bin/node" "/home/ole/.nvm/versions/v6.4.0/bin/npm" "publish" "--access" "public"
npm ERR! node v6.4.0
npm ERR! npm v3.10.3
npm ERR! code E404
npm ERR! 404 Not found : #supericium/pli
npm ERR! 404
npm ERR! 404 '#supericium/pli' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
npm ERR! Please include the following file with any support request:
npm ERR! /home/ole/Sandbox/pli/npm-debug.log
I tried updating both NodeJS and NPM to make sure that I have the latest version, which are:
ole#MKI:~/Sandbox/pli$ node --version
v6.4.0
ole#MKI:~/Sandbox/pli$ npm --version
3.10.3
Thoughts?
You need to have registered "supericium" (npm adduser) as a username at the registry and be logged in (npm login) to publish under that scope.
https://docs.npmjs.com/getting-started/publishing-npm-packages
https://docs.npmjs.com/getting-started/scoped-packages
It's solved by npm login in my case, the error message is misleading
Came across this same error, and my issue was that the package was somehow set to "Read" access only. So I have to go to the NPM and update the package to "Read/Write" access:
1.
2.
Nothing worked for me, except logging in again:
npm login
Hope this helps me or someone else in the future!
You could also get this error when you change your password to NPM but you do not logout/login via your CLI. Using npm logout and then npm login worked for me.
in my case I had to verify the email address. even when npm whoami was telling me I was logged in fine.
In my case, I got this message because the token that I was using had been revoked. I fixed it by:
Generating a new access token in my npm account.
Modifying the line: export NPM_TOKEN="<token>" in my .zshrc (or .bashrc) file
Entering source ~/.zshrc in the terminal.
I just logged in to npm by using npm adduser command and it worked fine.
In my case, I was missing the repository field in the package.json of my new package that I was trying to publish.
"repository": "git://github.com/your-org/your-repo-name.git"
https://docs.npmjs.com/files/package.json#repository
This error appeared for me in two cases:
When I wasn't logged in. You can check whether you are logged in or not by npm whoami, then if not logged in npm login.
When I didn't have right to publish to the repository. In this case make sure you are added to the organization which owns the repo.
in my case i noticed that my npm account username in npm website is different than my npm normal user name. When i try to publish in console by login with normal username gave me this error.
publish Failed PUT 404 npm ERR! code E404 npm ERR! 404 User not found
But after login to console with account name it has published successfully
Once you successfully publish the package you may experience when you try to npm install:
npm ERR! code E404
npm ERR! 404 Not Found: #xxx/yyy#latest
or something similar, regardless if you npm publish was successful. In this case make sure your {main: 'file.js'} in packages.json is there.
Ideally, you can call it index.js if you wish to leech directly from the package so you don't get things like import * from '#xxx/yyy/file'.
In my case, I believe I enabled 2FA on npmjs.com so the publish token used in CD didn't work (should have thrown 401, but got 404).
Generating a new automation token on npmjs.com and updating the secret on my CD (GitHub actions) solved it.
I encountered the same problem but I successfully resolved it by uninstalling the LTS version, then installing Current version along with yarn.
Just adding my two cents to the possible solutions
I was getting this error in a CI workflow, so no interactive login or things related.
Existing packages were working correctly, but adding a new one wasn't, I was getting a 404. I realized that it should be something related to the new package itself, not the CI environment, and it was.
The new package was missing two fields on its package.json, the repository and publishConfig fields.
Adding these two fields, it worked correctly (note that repository field is used in its expanded form, with the directory property)
"repository": {
"type": "git",
"url": "ssh://git#github.com/__user__/__repo-name__.git",
"directory": "packages/__new-package-name__"
},
"publishConfig": {
"registry": "https://npm.pkg.github.com/"
}
For me the fix seemed to be making a new "team" in the organisation and assigning myself and my package to this.
My guess is that my NPM organisation requires users to have 2FA on and two users assigned to the 'developers' group didn't have this on.
In my case i accidentally typed https://registry.npmjs.org instead of https://registry.npmjs.com (.org vs .com)
In my case the problem was completely different.
I had to replace:
npm publish FOLDERNAME
with simply:
cd FOLDERNAME && npm publish
In my case I also had to manually specify the path of .npmrc using the --userconfig parameter:
cd myapp && npm publish -ddd --userconfig ../.npmrc
In my case, I had a typo when passing the otp param:
// Wrong:
npm publish --access public --opt 123456
// Correct:
npm publish --access public --otp 123456