Undocumented breaking change for scoped package config in npm@4

[billyjanitsch]

I'm opening this issue because:

• npm is doing something I don't understand.

What's going wrong?

My ~/.npmrc contains a line to point packages under the @mycompany scope to our custom npme registry:

@mycompany:registry = "http://registry.mycompany.com/"

In npm@3, this config works correctly -- only @mycompany packages are routed through our registry. In npm@4, this line causes all requests to be routed through our registry. For example, if I run npm install react, I get:

npm ERR! Darwin 16.1.0
npm ERR! argv "/Users/billy/.nvm/versions/node/v7.0.0/bin/node" "/Users/billy/.nvm/versions/node/v7.0.0/bin/npm" "i" "react"
npm ERR! node v7.0.0
npm ERR! npm  v4.0.1
npm ERR! code E404

npm ERR! 404 Registry returned 404 for GET on http://registry.mycompany.com/react
npm ERR! 404 
npm ERR! 404  'react' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404 
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.

Even adding registry=http://registry.npmjs.org/ to my ~/.npmrc doesn't fix the problem.

There is no mention of this change in the 4.0.0/4.0.1 release nodes, so I assume it's a regression.

How can the CLI team reproduce the problem?

Add the above scoped registry config to an .npmrc and try to install an unscoped package.

supporting information:

• npm -v prints: 4.0.1
• node -v prints: 7.0.0
• npm config get registry prints: surprisingly, https://registry.npmjs.org/
• Windows, OS X/macOS, or Linux?: macOS 10.12.1

[zkat]

This is a duplicate of #14412 and a regression caused by #14129.