Related
I am trying to use my first private npm package on a gitlab private instance
I added #ajouve:registry=https://gitlab.my-website.io/api/v4/packages/npm/ to .npmrc
the command npm get seems to return the correct config
; "project" config from /Volumes/Work/service/.npmrc
#ajouve:registry = "https://gitlab.my-website.io/api/v4/packages/npm/"
; "cli" config from command line options
omit = []
user-agent = "npm/7.5.4 node/v12.18.1 darwin x64"
; node bin location = /usr/local/bin/node
; cwd = /Volumes/Work/service
; HOME = /Users/ajouve
; Run `npm config ls -l` to show all defaults.
But when I want to add the package
npm install --save #ajouve/my-module
I have
npm ERR! code E404
npm ERR! 404 Not Found - GET https://registry.npmjs.org/#ajouve/my-module Not found
npm ERR! 404
npm ERR! 404 '#ajouve/my-module#*' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/ajouve/.npm/_logs/2021-03-19T15_06_50_186Z-debug.log
It goes to https://registry.npmjs.org
Running npm config ls -l | grep registry
I have
metrics-registry = "https://registry.npmjs.org/"
registry = "https://registry.npmjs.org/"
#ajouve:registry = "https://gitlab.my-website.io/api/v4/packages/npm/"
Instead of git://, use git+ssh://
npm i -S git+ssh://git#gitlab.com:<org>/<project>.git
Here you can get several answers
Install npm module from gitlab private repository
As someone who started using Gitlab's registry a couple days ago, i ran on the same issue.
On the .npmrc, the scope name has to meet with your packet scope.
For example, if we have the project A, it's package.json should be like this:
{
"name": "#myscope/myproject",
...Rest of your package.json
And on your project B, the .npmrc must match the scope
#myscope:registry=https://gitlab.com/api/v4/packages/npm/
Then after, make sure you authenticate with the scoped registry, otherwise NPM will throw a error or ignore and go search on NPM Registry
$ npm config set #myscope:registry https://gitlab.com/api/v4/packages/npm/
$ npm config set -- '//gitlab.com/api/v4/packages/npm/:_authToken' "<your_token>"
NOTE: <your_token> should be a access token created on your Gitlab Profile. You can create this by going on Preferences > Access Tokens. Make sure to check "read_registry" before creating the token.
Then, you can install your package easily
$ npm install --save #myscope/myproject
EDIT: If you are using a self-hosted gitlab instance, it follows the same, just remember to change "gitlab.com" to your gitlab instance url.
Try this, it should work.
npm install --save #ajouve/my-module --registry=https://gitlab.my-website.io/api/v4/packages/npm/
Another way is to create group endpoint in the private instance which will point hosted + proxy to public packages and update your registry to point to that endpoint so both private and public packages will work.
for the first installation you need to run
npm config set #ajouve:registry=https://gitlab.my-website.io/api/v4/packages/npm/
You could try this:
npm config set registry http://registry.npmjs.org
npm-registry
Or sometimes you just need to adduser and login to fix this problem with a private package. Have a look at this doc: npm-addUser
Commands should be something like this:
npm adduser
npm login
I am having authentication problem when publishing to my private npm registry hosted on my private Nexus.
My Nexus setup is I have npm-proxy, npm-registry (hosted npm with allowRepublish=false), npm-snapshots (hosted npm with allowRepublish=true) and npm-public (group with all other three repositories).
Since I am developing a library, I am using my snapshot repository, so I can redeploy same version constantly (something like snapshot in maven world).
In my library project I have set this option in package.json
"publishConfig": {
"registry": "https://my.nexus.com/repository/npm-snapshots/"
}
Next, I created .npmrc file with following content:
registry=https://my.nexus.com/repository/npm-public/
_auth=RVhBTVBMRQ==
And with this setup I can publish project with no problem. However, what bothers me, is that I have my password (which is just base64 encoded) stored in file, that should be commited, but I can't commit it, due to credentials in it.
I have tried to instead login to npm registry and removed the auth line from .npmrc
npm adduser --registry=https://my.nexus.com/repository/npm-snapshots --always-auth
I got response Logged in as myusername on https://my.nexus.com/repository/npm-snapshots.
However, when I try to run npm publish I get:
npm ERR! code E401
npm ERR! Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"
npm verb exit [ 1, true ]
npm timing npm Completed in 6867ms
npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\XXXX\AppData\Roaming\npm-cache\_logs\2019-07-30T19_31_01_598Z-debug.log
Now in my other project (which is using this library), I simply created .npmrc file with content registry=https://nexus.mjamsek.com/repository/npm-public/ and run command npm adduser --registry=https://my.nexus.com/repository/npm-public --always-auth and I was able to download the published package.
However, the publish still won't work and I don't know why.
EDIT 31.7.2019: On my list of active realms I also have npm Bearer Token Realm
When you do npm login or npm adduser the NPM client creates an authentication token that will be used in future request to the registry. Default NXRM configuration allows only Local Authenticating Realm which doesn't recognise NPM's token. Please make sure you have npm Bearer Token Realm active.
You need a trailing slash on the end of the registry URL passed into npm adduser, otherwise npm will chop off the last segment of the URL, and it won't work.
_auth= replaced with output of btoa('username:userpassword') and it worked for me.
I did use this btoa from chrome as below.
I encountered this problem today, my solution was to delete all registry entry from my npmrc file:
registry=https://my.nexus.com/repository/npm-snapshots/
Idealy delete anything superfluous, back it up before-hand, in my case my file contained only:
strict-ssl=false
Then you can
npm login --registry=https://my.nexus.com/repository/npm-public/ again.
If that's not working, you also bypass npm login with curl, look at this life saving post.
Make sure the _auth token is correct. In my case I changed my system credentials and forgot to generate new _auth token. I was getting the exact same error i.e.
"npm ERR! code E401
npm ERR! Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"
once i fixed it, the issue was resolved.
For those who are looking for the command to generate _auth. It is:
btoa('username:userpassword')
I had same problem, my solution was to delete my global .npmrc file, and after login npm login.
I had ended with three versions of node on my machine. It turned out that the ones i installed later had their own local .npmrc files in the node_modules folders. They didn't use the global .npmrc even after i removed the local one so i had to copy it.
I was struggling about this problem last two days, finally the solution was to delete .npmrc file from root (user) directory.
When npm tried to login, it used the creds inside this file and ignore your pass login.
I've had a similar issue. I also have our credentials stored in an npmrc file in my user directory. When set up with node16/npm7, I would receive the error
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
If I use nvm to downgrade to node12/npm6, it works. I'd prefer a working solution without downgrading, but for now it lets me move on.
UPDATE:
We finally figured it out (a while ago, but I forgot about this answer). In our .npmrc files in our user directories, we needed to add/change our authorization config entry.
Before:
_auth={base64 encoded username:password}
After:
//{path to private repository}:_auth={base64 encoded username:password}
Just enable anonymous access in the nexus dashboard, it will pull from your private registry.
I have the following line in my dependencies in package.json:
"log": "https://git.mydomain.com/myproject/myrepo/repository/archive.tar.gz?ref=0.1.0",
I get the following:
km#Karls-MBP ~/dev/vertica (km/ref) $ npm install
npm ERR! code E401
npm ERR! 404 401 Unauthorized: log#https://git.mydomain.com/myproject/myrepo/repository/archive.tar.gz?ref=0.5.0
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/km/.npm/_logs/2018-02-16T08_49_38_669Y-debug.log
I don't know if the issue is GitLab (where the repo exists) or NPM.
Node v8.9.4
NPM v5.6.0
Remove .npmrc from the Home Directory, it should be able to work. I did the same and it works for me.
My user directory .npmrc file had a stale authtoken as below.
//registry.npmjs.org/:_authToken=3615fa68-123a-4d72-b99a-772b5b1edc48
By removing this line, the npm installation works fine and no longer throws an authentication error.
You need to add user to npm registery
>> npm whoami [ it will return not authorized ]
To add new user follow below steps :-
>> npm adduser (then enter your name and complex password and your email)
>> npm whoami (return your registered name)
I got the same error but the reason in my case was different than the above answers:
I discovered that the package-lock.json had some of the packages resolved to a private url instead of the typical public npm urls, so deleting the npm lock file and running npm install again solved it
But if this is the case, you need to check with the team still why this private url resolution happened instead of the normal one
I got this when I used --prefer-offline
- npm ci --cache .npm --prefer-offline --unsafe-perm --no-optional
Removing that option fixed it.
In my case I have to change the content of .npmrc file to package-lock=false.
Now it works fine!
removing the .npmrc from the root directory worked for me
removing the .npmrc from the root directory worked perfectly for me as well
I noticed this error for a public github repo. Removed the entry always-auth = true and was able to proceed.
I'm trying to install a library from a private repository, and I keep getting an error in trying to use npm.
I'm using:
OSX Mavericks 10.9.3
Node v0.10.28
npm 1.4.10 (this was installed after trying with 1.4.13 and it still not working)
I am running this from my home directory, and the ~/.npmrc file is in the directory.
whenever I run the command: npm install 'library name here'
I get the following error:
npm http GET https://registry.npmjs.org/dslib-js
npm http 404 https://registry.npmjs.org/dslib-js
npm ERR! 404 404 Not Found: dslib-js
npm ERR! 404
npm ERR! 404 'dslib-js' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it
npm ERR! 404
npm ERR! 404 Maybe try 'npm search dslib'
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, or http url, or git url.
npm ERR! System Darwin 13.2.0
npm ERR! command "node" "/usr/local/bin/npm" "install" "dslib-js"
npm ERR! cwd /Users/marcos.pedreiro
npm ERR! node -v v0.10.28
npm ERR! npm -v 1.4.10
npm ERR! code E404
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /Users/marcos.pedreiro/npm-debug.log
npm ERR! not ok code 0
Edits:
When I run ls -a (in the home directory) this is the output:
. .ssh Music
.. .subversion Pictures
.CFUserTextEncoding .vagrant.d Public
.DS_Store Applications VirtualBox VMs
.Trash Desktop clients
.bash_history Documents dev
.gradle Downloads npm-debug.log
.matlab Google Drive ~:.npmrc
.npm Library ~:.npmrc.template
.npmrc.bak Movies
This is the output of the command npm config ls -l | grep config
; cli configs
globalconfig = "/usr/local/etc/npmrc"
userconfig = "/Users/marcos.pedreiro/.npmrc"
:End Edits
Any help would be greatly appreciated. Thanks!
In my case the character encoding was wrong for some reason, I had to convert it to UTF-8.
I used "npm get" to discover the problem, the result was full of u/2411... strings.
If what you posted is truly the output of ls -a, then the filename is wrong.
~:.npmrc should be named .npmrc.
The ~ at the beginning suggests you used a shell shortcut to place the file in your home directory (maybe something like cp .npmrc ~:.npmrc. The trouble is likely the colon. ~/ will be interpreted as "my home directory", but ~something/ will be interpreted as the home directory of the user named something. Since there is no user something, the system is probably just treated ~: as literal text.
Try renaming the file and see if that works:
mv "~:.npmrc" .npmrc
For people running Windows, check if Windows is hiding file extensions. For me, Windows was saying that the file name was .npmrc, but the real file name was .npmrc.txt.
Removing the .txt extension fixed the issue.
I'm assuming the Node package dslib-js is contained within your private npm repository. You'll need to set that repository in your local .npmrc file. For example, if your repository was at http://myrepo.com:4000 you would run the following command:
$ npm set registry "http://myrepo.com:4000"
The error your getting above is because the package dslib-js is not available on the npmjs.org, as you can see from visiting this URL: https://www.npmjs.org/package/dslib-js. By default (without a registry set in your .npmrc file), npm will search https://registry.npmjs.org (which can be browsed on the web via the URL I pasted above).
In case it helps anyone landing here: I had a npm-shrinkwrap.json file in the project root that was overriding the registry config from .npmrc. Removing the shrinkwrap file solved the issue.
I missed a couple of things to download my packages published in my private repository.
First The file name was .npmrc.txt instead of .npmrc. In windows, you can't create file name directly. So I opened command prompt then fired
echo "auth_token" > .npmrc
Second I was just pasting my auth_token in .npmrc file. You have to append the registry address also.
//**.**.visualstudio.com/_packaging/**/npm/registry/:_authToken=token_here
In case this helps anyone... my issue was I created the .npmrc file in a text editor so npm was ignoring the file because of the permissions on it. In order to fix it I deleted the file. Then I remade the file through the command line.
Cheers!
In case anyone has the same issue as me. We have a private registry but before adding the .npmrc file I tried running npm install. This created the package-lock.json and it was overriding the new registry that was added in the .npmrc file.
Simply deleting the package-lock.json and re-running npm install fixed it for me
I came across a scenario where npm ci was not picking/reading configs from .npmrc file.
Replacing it with npm install resolved the issue.
Node version 10.18.0
Slightly different reason of npm not picking up the .npmrc. But after changing the registry setting in my project's .npmrc file I had to delete previously existing node_modules folder and package-lock.json, then install with npm install --save. Doesn't make much sense, but after this, the package-lock.json file (re)created was using the correct registry.
I had a same problem mentioned in the question, I have resolved the problme in the following way
step 1: I went to the user directory in the c drive
C:\Users\user1
step 2: Found text.npmrc file which in the text format
step 3: I just replaced the file text.npmrc to .npmrc
step 4: after run npm install it working fine as i expected
Ok so I finally managed to get a private npm registry using Sinopia. But I cannot publish anything to it.
TL;DR: Sinopia does not support npm adduser, but has its own user
management. Also npm needs a valid user created before npm publish
through npm adduser, which fails because the internal Sinopia server
throws an error at the unsupported command....
How does one use Sinopia as a private registry with proper users and passwords
create a global user in npmjs.org, and then another with the same password in Sinopia?
Or is there an easier way to tell npm to just use a fixed user/pass.
Or even better prompt me somehow for username and password?
something else?
Synopsis:
Sinopia does not depend on Couch.DB and will hapilly fetch packages it does not already have from a master (default is the global npmjs.org).
Sinopia starts perfectly and is configured to listen on all interfaces. It works wonders in serving packages to
npm install
I even configured ~/.npmrc to always point to the internal registry.
All projects' package.json file is set to
....
"publishConfig" : {
"registry" : "http://internal-npm:4873"
},
....
Also I managed to add custom users in sinopia by manipulating the config.yaml with the help of js-yaml
crypto.createHash('sha1').update('theBigPassword').digest('hex')
Now I am stuck at
npm --registry=http://internal-npm:4873 --ca=null publish
After a long wait I get:
npm ERR! need auth auth and email required for publishing
npm ERR! need auth You need to authorize this machine using `npm adduser`
npm ERR! System Linux 3.11.0-18-generic
npm ERR! command "/usr/bin/nodejs" "/usr/bin/npm" "--registry=http://internal-npm:4873" "--ca=null" "publish"
npm ERR! cwd /home/ciprian/workspace/netop-npm
npm ERR! node -v v0.10.15
npm ERR! npm -v 1.2.18
npm ERR! code ENEEDAUTH
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /home/ciprian/workspace/netop-npm/npm-debug.log
npm ERR! not ok code 0
The business end of the log file tells me that the user is not optional
86 error need auth auth and email required for publishing
86 error need auth You need to authorize this machine using `npm adduser`
87 error System Linux 3.11.0-18-generic
88 error command "/usr/bin/nodejs" "/usr/bin/npm" "--registry=http://internal-npm:4873" "--ca=null" "publish"
89 error cwd /home/ciprian/workspace/netop-npm
90 error node -v v0.10.15
91 error npm -v 1.2.18
92 error code ENEEDAUTH
93 verbose exit [ 1, true ]
Now, the chicken and egg issue is that Sinopia does not support npm adduser, but has its own user management like I mentioned above. Also npm needs a valid user created through npm adduser, which fails because the internal Sinopia server throws an error at the unsupported command.
First of all, it is not "chicken and egg" problem.
"npm adduser" does two things:
it creates a new user on the remote server, or verifies that it exists
it adds _auth to your .npmrc
Sinopia will complain if user doesn't exist, but if it does, it'll happily report success.
So, what you have to do is this:
add user/pass to config.yaml (see josh's answer) and restart sinopia server
run npm adduser --registry http://internal-npm:4873/
Yes, "adduser" command is confusing, because it won't actually add a new user. It'll just verify that user exists in config.
If you want, you can use "npm login" command. It is less confusing even though it does exactly the same thing. :)
Second of all, add this to your package.json:
"publishConfig": {
"registry": "http://internal-npm:4873/"
}
This way npm won't publish it to the public registry anymore, even if it's a default one.
And lastly, you can't use two registries (npmjs and your private one) at the same time with the same npmrc. It's even less secure than you think.
It's okay in most cases, but if you have to use both of them (for example, you maintain public and private packages at the same time), use yapm instead of npm and write something like this to your .npmrc:
[registries."https://registry.npmjs.org/"]
_auth = (your auth string for public registry)
[registries."http://internal-npm:4873/"]
_auth = (your auth string for private registry)
always-auth = true
It'll prevent exposing your passwords to public registry in all cases.
The Sinopia README tells you exactly what to do.
Adding a new user
There is no utility to add a new user but you can at least use node on the command-line to generate a password. You will need to edit the config and add the user manually.
Start node and enter the following code replacing 'newpass' with the password you want to get the hash for.
$ node
> crypto.createHash('sha1').update('newpass').digest('hex')
'6c55803d6f1d7a177a0db3eb4b343b0d50f9c111'
> [CTRL-D]
Insert the new user into your config.yaml file.
You then run npm adduser to login. (adduser is the command used for both account creation and login; sinopia does not support the creation part.)
Option 1 works, but I'm not really happy with it. So I'll keep on searching
YES, if I add a valid npmjs.org user, then swith the repo:
npm config set registry http://internal-npm:4873/
The publish command will work if the same user/pass exists in Sinopia
npm publish --registry=http://internal-npm:4873/
The downside is that if someone forgets to explicitly set the private registry, the publish will 100% work on the global npmjs.org, which would be a disaster.
As of version 0.13, Sinopia does support the creation of a new user through
npm adduser --registry example.com:port
For more details see: HOW TO CREATE A NEW SINOPIA USER
Me help contributor of sinopia :)
See here:
https://github.com/rlidwka/sinopia/issues/230#issuecomment-91825660