Yarn can not use private registries #2541
Comments
noherczeg
changed the title
|
i use |
|
My example is with Nexus3 by the way. |
|
I also tried; It's strange that it logs out |
|
I deleted my previous comment - my setup was almost identical to OPs using fury.io. I logged out of npm ( |
|
@bcruddy How could yarn run successfully if you weren't even logged in your repo? That can not be possible. |
|
fury.io puts the token in the registry url so there's no need to be logged in to anything. So yeah.. pretty sure it's possible. I'm wondering if having an auth token in my |
|
Same problem here. We are using nexus and yarn can't install private package correctly. In my case it refuse to install dependencies of the package that I want to install passing through the private registry. I have an .npmrc in my project folder that looks like:
Trying to install a package published on our nexus private registry:
This is the output: yarn add v0.20.3
info No lockfile found.
verbose Performing "GET" request to "https://yarnpkg.com/latest-version".
[1/4] 🔍 Resolving packages...
verbose Performing "GET" request to "***/repository/npmjs/@mc%2fng-bundle".
verbose Request "***/repository/npmjs/@mc%2fng-bundle" finished with status code 200.
verbose Performing "GET" request to "***/repository/npmjs/angular".
verbose Performing "GET" request to "***/repository/npmjs/angular-animate".
verbose Performing "GET" request to "***/repository/npmjs/angular-aria".
verbose Performing "GET" request to "***/repository/npmjs/angular-cookies".
verbose Performing "GET" request to "***/repository/npmjs/angular-messages".
verbose Performing "GET" request to "***/repository/npmjs/angular-resource".
verbose Performing "GET" request to "***/repository/npmjs/angular-sanitize".
verbose Performing "GET" request to "***/repository/npmjs/angular-touch".
verbose Performing "GET" request to "***/repository/npmjs/angular-ui-router".
verbose Performing "GET" request to "***/repository/npmjs/angulartics".
verbose Performing "GET" request to "***/repository/npmjs/angulartics-google-analytics".
verbose Performing "GET" request to "***/repository/npmjs/dress-code".
verbose Performing "GET" request to "***/repository/npmjs/humps".
verbose Performing "GET" request to "***/repository/npmjs/lodash".
verbose Request "***/repository/npmjs/angular" finished with status code 401.
verbose Performing "GET" request to "***/repository/npmjs/oclazyload".
verbose Error: Couldn't find package "angular" on the "npm" registry.
at MessageError (/usr/local/Cellar/yarn/0.20.3/libexec/lib/node_modules/yarn/lib/errors.js:8:5)
at /usr/local/Cellar/yarn/0.20.3/libexec/lib/node_modules/yarn/lib/resolvers/registries/npm-resolver.js:209:15
at next (native)
at step (/usr/local/Cellar/yarn/0.20.3/libexec/lib/node_modules/yarn/node_modules/babel-runtime/helpers/asyncToGenerator.js:17:30)
at /usr/local/Cellar/yarn/0.20.3/libexec/lib/node_modules/yarn/node_modules/babel-runtime/helpers/asyncToGenerator.js:28:13
at process._tickCallback (internal/process/next_tick.js:103:7)
error Couldn't find package "angular" on the "npm" registry.
So it seems that is actually performing the first request correctly but then fails for subsequent requests. |
|
for my case, I solved it by reorder entries in npmrc. particularly |
|
In the hope that this is going to help someone, here's what I did to get yarn working with our private repo (an instance of proget) and our git monorepo. This is the only way I found where you can use yarn as a "drop-in" replacement as it is intended to be used. First of all you install yarn globally by doing: As of version 0.21.3, from what I could tell, Yarn doesn't support the "Encoded" version of the .npmrc file so don't even bother with it. If your .npmrc has something like this: it won't work. You have to simply open your .npmrc file with a text editor and replace all the text with a basic auth URL like this: Beware of your global .npmrc vs local project .npmrc in your git repo. In the case of a monorepo, it's possible that you have a .npmrc file for each package under the packages folder. This is going to impact the ability for yarn to use your global npm settings. If you keep them, you have to make the same mods in all .npmrc through your project. So once you make all these changes, you basically replace "npm install" by "yarn": In a monorepo situation where you use lerna, there is an open issue related to parallel execution with yarn. You simply can't run yarn in parallel right now. Normally you would simply do: but that is going to fail because of this open ticket: #Issue 683 At the moment, you have to disable erna parallel execution by doing this command: If you still run into some issues just type: You will see the yarn log in your console and should figure out the problem easily. For example, without the settings above I was seeing error 401 (not authenticated) exceptions in the log which triggered me to refocus my research... |
|
Just to let you know Yarn seems to work fine with Sinopia as it just proxies packages from npm registry when they are missing in Sinopia. |
|
It should be fixed now |
|
It seems to me that whatever is written in .npmrc or .yarnc registry key, the real http request sent is always using the default https://registry.yarnpkg.com/ prefixed url. I found that in source code : https://github.com/yarnpkg/yarn/blob/master/src/registries/npm-registry.js
The url.resolve() does not replace the url with the base registry url. Instead, I patched it like this: and it works fine! |
|
Yarn would make requests to the URLs listed in yarn.lock file.
If yarn.lock exists Yarn would skip resolution step.
This discussion is related yarnpkg/rfcs#64
But people wanted to revamp the whole yarn.lock file while I was looking
for something simple similar to what you did.
Do you want to pick it up and lead the fix?
…On 30 May 2017 at 10:22, arnaud.nauwynck ***@***.***> wrote:
It seems to me that whatever is written in .npmrc or .yarnc registry key,
the real http request sent is always using the default
https://registry.yarnpkg.com/ prefixed url.
This work fine except when you are behind a corporate firewal, and you
absolutely need to used corporate registry (I use Nexus3)...
(Another workaround is to use http-proxy options with your user/password,
but this is not ok to put my password on a shared jenkins server for
building)
I found that in source code : https://github.com/yarnpkg/
yarn/blob/master/src/registries/npm-registry.js
request(pathname: string, opts?: RegistryRequestOptions = {}, packageName:
?string): Promise<*> { const registry = this.getRegistry(packageName ||
pathname); const requestUrl = url.resolve(registry, pathname); // <== does
not work..
An example of values is
***@***.***/core/-/core-4.0.0.tgz"
registry="https://mynexus-npm.mycompany/nexus/repository/npm-group/"
I get requestUrl = pathname instead of
requestUrl ="https://mynexus-npm.mycompany/nexus/repository/
***@***.***/core/-/core-4.0.0.tgz"
The url.resolve() does not replace the url with the base registry url.
Instead, I patched it like this:
request(pathname: string, opts?: RegistryRequestOptions = {}, packageName:
?string): Promise<*> { const registry = this.getRegistry(packageName ||
pathname); // PATCH!! const requestBaseUrl = url.resolve(registry,
pathname); // does not work... const requestUrl = requestBaseUrl.replace('
https://registry.yarnpkg.com/', registry);
and it works fine!
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
<#2541 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ACBdWO6cYwnmcP9RB9QH8gUOr4NKn5g_ks5r-9_GgaJpZM4LsF3f>
.
|
|
I made a pull request #3528 |
|
Thanks, I'll have a look at the PR
…On 30 May 2017 at 10:33, arnaud.nauwynck ***@***.***> wrote:
I made a pull request #3528 <#3528>
My fix was "simple", but I don't know all the impacts in your yarn.lock
file.
I just wanted to fix my corporate firewall problem!
Thank you for offering me to "lead the fix", but I am not the right person
for leading it.
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
<#2541 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ACBdWEb3eRILxFblILyDo0EHW0ex_TPsks5r--JfgaJpZM4LsF3f>
.
|
Do you want to request a feature or report a bug?
Bug
What is the current behavior?
Yarn fails to install dependencies from private registry. NPM-Cli works though. Tokens (in an up-to-date format) are in place in
$HOME/.npmrc.If the current behavior is a bug, please provide the steps to reproduce.
Set up .npmrc in project root:
Run:
yarn --verboseWhat is the expected behavior?
Installation of dependencies to succeed.
Please mention your node.js, yarn and operating system version.
The text was updated successfully, but these errors were encountered: