Develop Reference

How to create offline private registry of verdaccio

I create private npm registry with verdaccio.
I want to able to run npm install --registry="http://localhost:4873" and get all dependencies from private registry.
I need to publish all packages from my project node_modules directory.
I had to run npm publish in each package in node_module directory.(I could't find any better way.)
more of them published successfully But in some case, I encountered with the error. for example in zone.js package:
npm ERR! code ELIFECYCLE npm ERR! errno 2 npm ERR! zone.js#0.8.29
prepublish: `tsc && gulp build` npm ERR! Exit status 2 npm ERR! npm
ERR! Failed at the zone.js#0.8.29 prepublish script. npm ERR! This is
probably not a problem with npm. There is likely additional logging
output above. npm WARN Local package.json exists, but node_modules
missing, did you mean to install?
or in acorn package:
acorn#5.7.3 build:main C:\Users\Admin\Desktop\test ng\ng-prj\node_modules\acorn
rollup -c rollup/config.main.js
'rollup' is not recognized as an internal or external command,
operable program or batch file.
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! acorn#5.7.3 build:main: `rollup -c rollup/config.main.js`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the acorn#5.7.3 build:main script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm WARN Local package.json exists, but node_modules missing, did you mean to install?
Is there a simple way of doing this?

here Verdaccio maintainer.
I want to able to run npm install --registry="http://localhost:4873" and get all dependencies from private registry.
What do you want is to have an offline registry with all your dependencies. Publish all node_modules is not practical and almost impossible.
more of them published successfully But in some case, I encountered with the error. for example in zone.js
That's the point, you would need to build each dependency, it just does not make sense. A regular project can easily have thousands of dependencies and sub dependencies. Not to mention you would lose the adventage of future dependencies updates.
So, what you need is cache properly all dependencies in your storage folder.
Run verdaccio $> verdaccio
Be sure you are online
Run npm install --registry="http://localhost:4873
When the finish to install, inspect your local cache, see here how to find it. You should be able to see all the resolved dependencies in the cache.
If you want a real offline experience, comment the proxy from the config file as follows
packages:
'#*/*':
access: $all
publish: $authenticated
# proxy: npmjs
'**':
access: $all
publish: $authenticated
# proxy: npmjs
If you comment out proxy Verdaccio won't ask for any update to the remotes, by default is npmjs, thus, no connection to external networks will be performed.
Restart Verdaccio
Repeat process as much time you need.
So, here, the advantages of this approach.
When yo back offline (you must comment out the proxy section again) you will allow Verdaccio to resolve wether you have new dependencies to be cached (in case you are using semver eg: lodash: ^1.5.6)
You will have a real installation experience, no fear to remove node_modules and clean the npm cache as well.
Storage is just a folder, so you can port it to another place (via USB or LAN)
Share cache with multiple projects and node package manager tools (yarn, npm or pnpn)
You don't have to publish each package in node_modules, thus see point 2).
I hope this helps you. Furthermore, there are other practices related with offline mode, but only with yarn.

We used Juan Picado's advice above. Here's what we did:
edit verdaccio's config file at /home/verdaccio/config.yaml
make sure that proxying is allowed
set the npm registry to point to your verdaccio instance
create a folder (any folder) on the system and run npm install commands to download packages
check the /home/verdaccio/storage/ directory. The downloaded packages plus their dependencies should now be in that directory.
edit verdaccio's config file, commenting out the two "proxy" lines so that proxying is turned off
restart verdaccio
At this point running npm install commands will only point to your verdaccio instance without going out to registry.npmjs.com and the packages in /home/verdaccio/storage will be your offline-available packages.

npm install not working. Says that I need to check permissions?

I'm trying to install eslint on my machine right now but it is saying that I need to check permissions because its missing write access to /user/local/lib/node_modules. Does anyone know how to fix this? Thanks!
npm install -g eslint
npm WARN checkPermissions Missing write access to /usr/local/lib/node_modules
npm ERR! path /usr/local/lib/node_modules
npm ERR! code EACCES
npm ERR! errno -13
npm ERR! syscall access
npm ERR! Error: EACCES: permission denied, access '/usr/local/lib/node_modules'
npm ERR! { [Error: EACCES: permission denied, access '/usr/local/lib/node_modules']
npm ERR! stack:
npm ERR! "Error: EACCES: permission denied, access '/usr/local/lib/node_modules'",
npm ERR! errno: -13,
npm ERR! code: 'EACCES',
npm ERR! syscall: 'access',
npm ERR! path: '/usr/local/lib/node_modules' }
npm ERR!
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
npm ERR!
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator (though this is not recommended).
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/mkaplan/.npm/_logs/2019-03-03T18_05_46_487Z-debug.log

Try sudo npm install -g eslint

For Linux use sudo npm install and
For Window run powerShell as administrator and got to directory of project and run npm install

In my case I had this same problem to install angular, so just change the command to :
$ sudo npm install -g #angular/cli

This kind of stuff happens when you run npm commands with sudo to begin with. So don't do it?
If this happens, it means that someone has been messing around npm as root. Then root took and created files in global npm cache, denying access to anything different than root.
This is why it fires EACCES when running npm install or npm install -g
You are not supposed to do anything related to node_modules nor runnpm [anything] with sudo. Do you understand that you are giving the package in question permission to do whatever it wants? Even if you check the package and ensure its security yourself, what about dependencies it downloads? will you check them as well?
npm registry gets 30b weekly downloads, their malware control is nowhere near enough
You are giving away access to whole sys folder tree to the files of the package in question. Even npm itself gives you feedback that it is not recommended. You do not know what package does in the background. What if you install a package i developed, but i am a villian who likes to make people's life harder... This is a security issue.
The above story apart. If you do it with sudo, this will force you to run certain npm commands as sudo from that point on, messing it up even more.
The maximum you do as root in this case, is give access for node_modules to whoami
The best solution is to either set it up properly so you dont have to use sudo or run app in container, so anything you do is executed inside container, not affecting your local machine at least. Even there it is not recommended to mess around as root, permissions get so messy... it's a hell to debug.

I'm fairly new to Node but as a longtime Linux user I'not sure installing node packages as root (via sudo) is a good idea.
I imagine eslint is fine but if you're having this issue installing one package then I'm guessing you're having the same problem with every package you're installing globally ('-g'). That means that every time you install a package from npm globally you're downloading who-knows-what install script and running it with root privileges on your computer.
Anyway, as I said I'm no Node expert but I had this same problem and my issue was that I'd installed the "nodejs" package using apt. If this is what you did then I suggest:
Remove nodejs with sudo apt remove nodejs. (Depending on what Linux distro you're using this may be different. I'm running Ubuntu.)
Install nvm or some other node version manager as recommended by the NPM docs.
When I did this, I was able to install NPM packages globally without sudo.
(Yes, I'm telling you not to install things by running npm as root and then saying you should install things by running apt as root. But you definitely need to run apt as root and I know appropriate precautions are taken by the apt devs and Ubuntu package repo managers. I'm not 100% sure it's wrong to run npm as root but I'm not sure it's right either, and I was able to avoid running it as root using the above steps.)

This can solve the problem:
sudo npm install -g npm

First try sudo npm install -g gatsby-cli
then npm start

I ran into an issue trying to install truffle and got the following errors:
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
I was able to solve this issue with the recommendation to add 'sudo'.
solution:
sudo npm i -g truffle

Use the command:
sudo npm install -g eslint
With the sudo command you will have the permission to install.

This might happen when you just "sudo" everything in order to make it work or you install a dependency forcefully , you should not mess with the root folder of node modules.
For now you can try installing using
sudo npm install -g eslint

Use this npm install node-sass --save

How can I install `bcrypt-as-promised` from an old code base onto my ubuntu box?

I'm working with an old code base from an old project that uses bcrypt-as-promised (before bcrypt allowed the use of promises). When I try and npm install the package.json, I receive this error for that package:
npm WARN deprecated bcrypt-as-promised#1.1.0: the bcrypt module supports promises now, this module is no longer necessary
npm WARN deprecated bcrypt#0.8.7: bcrypt < v2.0.0 is susceptible to bcrypt wrap-around bug. Upgrade to bcrypt >= v2.0.0 for improved support for newer bcrypt hashes
And then proceeds to fail (I can paste more of the error message if needed).
I'm a little confused as to how I might be able to get this now deprecated package to install. I thought about modifying the codebase to only use bcrypt (with the now native promises supported), but I'm afraid of diving into a bee's nest and breaking the application. I was wondering first if there might be a way to install this package for the old code base to get it working.
Any thoughts? Thanks for your time and any insight you may have.
My package.json: https://github.com/twknab/mean_hike/blob/master/package.json
// Edit:
Here's the full terminal message I receive when I try and sudo npm install:
> bcrypt#0.8.7 install /var/www/mean_hike/node_modules/bcrypt
> node-gyp rebuild
gyp ERR! configure error
gyp ERR! stack Error: EACCES: permission denied, mkdir
'/var/www/mean_hike/node_modules/bcrypt/build'
gyp ERR! System Linux 4.4.0-1072-aws
gyp ERR! command "/usr/local/bin/node"
"/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /var/www/mean_hike/node_modules/bcrypt
gyp ERR! node -v v11.2.0
gyp ERR! node-gyp -v v3.8.0
gyp ERR! not ok
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! bcrypt#0.8.7 install: `node-gyp rebuild`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the bcrypt#0.8.7 install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /home/ubuntu/.npm/_logs/2018-11-27T10_46_27_925Z-debug.log

Older versions of bcrypt can be quite tricky to install, and it looks like you're hitting a classic permissions issue with npm. You can try some of the tips listed in the official documentation here: https://docs.npmjs.com/resolving-eacces-permissions-errors-when-installing-packages-globally
… but in the meantime, here are a few things to try:
Attempt a global install of node-gyp first, either with or without
sudo: npm install node-gyp -g
If that works, then try installing
bcrypt (again, globally).
If you're still seeing permissions issues,
you may need to sort out ownership of your node_modules directory:
sudo chown -r XXX /usr/lib/node_modules/ (assuming that's where
the global modules directory is on your machine of course).

I found a solution to my issue was to use yarn to import all of my dependencies rather than npm, while also swapping bcrypt-as-promised for bcrypt (which now includes promises with no syntax changes necessary).
I ditched bcrypt-as-promised and replaced it with bcrypt in my package.json file.
I then changed any instance of require('bcrypt-as-promised') to require('bcrypt') (the syntax for using bcrypt remains the same, just the dependency importation lines need to change).
Without using yarn, even after changing my folder permissions, I was still hitting permissions "EACCES: permission denied" errors, with only bcrypt failing. My versions of npm and node seemed fine. Made sure my Ubuntu box was all updated.
That's when I gained the suggestion from a wise friend to try using yarn to grab the dependencies instead. I ran yarn import which reads the package.json file and creates a yarn.lock file. I then installed yarn on my ubuntu machine (sudo npm install yarn -g), and ran yarn install, and bcrypt successfully installed!
Update Jan 2019 - Improved Solution
It looks like if npm dependencies were originally installed using sudo, permission issues can be experienced when trying to install bcrypt. My improved solution was to:
Nuke the ./node_modules folder via sudo rm -r ./node_modules
Install npm packages fresh (not using sudo).
After this, I was able to npm i --save bcrypt with the package installing
successfully.
Here's a link from GitHub that helped me find the solution and an excerpt:
#Mayocampo permission denied, mkdir
'/home/someroute/node_modules/bcrypt/build'
It seems you run rpm as root, therrfore your account cannot mkdir
under /home/someroute/node_modules/ Check dir with ls -l
/home/someroute/node_modules/ Im sure owner of upper dir is root. or
your account cannot have permission.
I guess there are two options are available.
sudo rm -r ./node_modules And install package via npm
again, but without using sudo.
Change mod ./node_module to access and excutable. I decided first, and its fixed
Source: juicycool92 # GitHub

npm install no longer possible after deleting module directory

So I wanted to help out, and forked a Node-RED module to make some small contribution, but then got lost messing around with how to get Node-RED to run my fork (for testing) rather than the packaged version. Then I learned about npm's ability to install from a Github URL, which is nice, but it wouldn't work because I had already installed the module. Then I found I couldn't uninstall it either
npm uninstall original-module
npm ERR! path /home/nodered/.node-red/node_modules/original-module/package.json
npm ERR! code ELOOP
npm ERR! errno -40
npm ERR! syscall open
npm ERR! ELOOP: too many symbolic links encountered, open '/home/nodered/.node-red/node_modules/original-module/package.json'
so in frustration I deleted the module's directory, only to find myself unable to move forwards, or backwards. npm install https://github.com/me/forkedmodule fails with
npm ERR! code 128
npm ERR! Command failed: /usr/bin/git clone --depth=1 -q -b master https://github.com/me/forkedmodule.git /root/.npm/_cacache/tmp/git-clone-d31dc53b
npm ERR! fatal: could not create leading directories of '/root/.npm/_cacache/tmp/git-clone-d31dc53b': Permission denied
npm ERR!
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2017-08-22T01_07_18_257Z-debug.log
and trying to install the original with npm install original-module fails with
npm ERR! code ENOLOCAL
npm ERR! Could not install from "node_modules/original-module" as it does not contain a package.json file.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2017-08-22T01_09_56_127Z-debug.log
As you've probably guessed, I'm pretty new to Node.js, Node-RED and npm, but I haven't been able to help myself, so have to ask for help! It seems nonsensical to me that npm appears to be looking for a local copy of the package.json file belonging to the package I'm trying to install?
Edit: I should add that the above commands were all run as root.

Ok, found a solution, not sure if it's the best one though!
In the "project" directory (/home/nodered/.nodered in my case) there's a package-lock.json file which lists the packages used by the project. In there I found an entry for the original-module which I removed, after which I was able to install the package "normally" with npm install original-module.
Then to solve the permission issue when installing from a GitHub URL, I found I needed to impersonate the "nodered" user with su - nodered (it's a password-less user in my case). As "nodered" npm install https://github.com/me/forkedmodule succeeded without any error. A little curious since I was trying to do this as root before, and got a permission error, but there you go. I also took the opportunity to chown -R the project's node_modules directory to nodered:nodered as I could see that was a bit of mess.
In future, I will try to remember to su - to my nodered user first, and navigating to the project root (again, /home/nodered/.node-red in my case) before running npm install anything. Hopefully that will avoid any further issues. Oh and a note to anyone else who just wants to contrib some quick changes to a module hosted on GitHub: to "pull" in changes you simply run npm install https://github.com/me/forkedmodule again - npm doesn't appear to provide any dedicated "update" method.

I had the same issue, in my case the solution was to delete the package-lock.json, delete node_modules, then reinstall npm modules.

Why am I getting Unexpected token '\u0000' when using npm install -g package

This is probably a Windows specific issue but I haven't found any information when googling this issue. I had been using ionic framework which relies on Cordova (or Phonegap). However, the problem is not specific to any of these packages. I see this error quite often. So, the error is when I run a command such as the following:
npm install -g cordova
However, I could substitute various other packages and get the same error. I'll paste the snippet (very brief) below of the error message. What is strange is that I had an ionic project working in that directory earlier. Then today it told me that ionic could not be found. My hunch is that this is a different issue than the main issue I am describing here.
I installed git bash so I do have a linux-like environment that I could try. I would just select Git Bash for a bash window with various bash commands. If there is an easier way to fix this for Windows users, please let me know. I have seen courses on Pluralsight where the instructors seem to be happily using npm with no problems. Also, when I use yeoman, I also at some point, in many cases, get the same error.
The error is
npm ERR! Failed to parse json
npm Unexpected token '\u0000' at 1:1
npm ERR!
npm ERR! ^
npm ERR! File: c:\Users\Bruce\AppData\Roaming\npm-cache\amdefine\1.0.0\package\package.json
npm ERR! Failed to parse package.json data.
npm ERR! package.json must be actual JSON, not just JavaScript.
npm ERR!
npm ERR! This is not a bug in npm
npm ERR! Tell the package author to fix their package.json file. JSON.parse.
Thanks in advance for any help/advice,
Bruce

Via this question on SO it could be that you just have to do:
npm cache clean.
But, also try the other methods suggested there like adding the registry option:
npm install <packagename> --registry http://registry.npmjs.org/.
Or, if you've been mingling with the package.json file by yourself, check if it's valid.