{% hint style="info" %}
Availability
This feature is available with Enterprise plans. For more information, see plans and pricing.
Note that this guide is relevant for Snyk UI integrations only. The CLI already supports Yarn and npm Projects with private Artifactory registries. {% endhint %}
Snyk can use Artifactory Package Repositories with npm and Yarn Projects. This enables Snyk to regenerate lockfiles with the correct URLs when creating Pull/Merge Requests.
You can add configuration to tell Snyk where your private Artifactory Node.js packages are hosted and under what scope. This is the same information you would normally add in your .yarnrc or .npmrc
- Navigate to Settings > Languages > JavaScript and either the npm or Yarn settings, depending on your Project type.
- If you have not previously connected to Artifactory, you will be asked to configure an integration first; see Artifactory Package Repository connection setup.
- Select Add registry configuration.
- Select Artifactory as the Package source.
- If you want to configure this registry as the default registry url, leave the scope blank.
- If you want to configure only scoped packages to use this registry, add a scope.
- If you want to add a mix of default registry url and scoped packages, add multiple configurations, one for the default and one per scope.
- When you have added all the registries and scopes you want, click Update settings.
Open a Pull/Merge Request on a Project that contains private dependencies that are hosted in Artifactory to see a lockfile updated and included in the Snyk Fix Pull Request with the correct URL to your repository.
Pull request to test Artifactory integration