After upgrading to Node 8.2.1 and npm 5.3.0 any dependencies starting with @
fail withn http 404 return code
#17966
Comments
I found the cause of this issue. It's from a recent change in the Let's assume your .npmrc file looks like this:
NPM uses the Interestingly, I don't disagree with the commit above--an auth header should be passed if In my case, I had an I believe the problem here is that the NPM registry is treating scoped packages differently due to the '@' in the URL. This line of code in the node url module shows that any URL with '@' in it is treated as though it requires authorization. My guess here is that the registry thinks an auth needs to happen, uses the authorization header, attempts to auth the user using said header, and returns a 404 because it can't find the user, not the package. The error is simply "Not Found", not "Package not found". This is somewhat confirmed by taking a valid authorization header, removing the last character from it, and attempting to GET a scoped package. The response is then "Could not authenticate USER". Sorry for the long-winded explanation, but this had been blocking me for a decent amount of time between yesterday and today. Ultimately I think this is a bug in the NPM registry code, but it would also be fair to say the |
I have the same .npmrc auth requirement for our corporate nexus npm repo access. And we are seeing the exact same issue. Is there are reason why this issue manifests itself when installing
|
Is there any path for resolution here? Having auth via the .npmrc is a requirement in any environment using a local/private npm instance. Many are still struggling to support scoped packages as it is. We don't really want to be adding _auth properties to local npm project structures So with that in place there is no clear way how to specify on an end user's side when to use _auth for a project and when to not. |
I am in the same situation as @dptoot with the most recent LTS:
This is now almost 6 months old. Does anybody in the npm development team planning to look at this one ? |
Even though this is the original issue, the duped issue has a bit more traction so I commented there. Here's the link for reference. |
I have a similar setup with Artifactory repository. It is working locally on my mac but getting the same 404 errors when trying to build in our docker image. Docker
Local
Can't figure out why it's working locally but not in docker env. |
I'm opening this issue because:
What's going wrong?
After upgrading to Node 8.2.1 and npm 5.3.0 any dependencies starting with
@
fail withn http 404 return codeNOTE: copied this from https://github.com/npm/registry/issues/195 because after downgrading back to node 6 everything seems to be just fine indicating the issue is likely somewhere in npm not in the registry.
I've tried
EVERYTHING seems to yield the same result.
How can the CLI team reproduce the problem?
The easiest way to reproduce this problem I've seen is from an project with an empty node_modules and a cleared local npm cache, run
npm i "@angular/core"
which yields the following for me:
Installing something without the @ like
npm i typescript
works just fine.supporting information:
npm -v
prints: 5.3.0node -v
prints: v8.2.1npm config get registry
prints: https://registry.npmjs.org/The text was updated successfully, but these errors were encountered: