You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Yarn install for a custom aliased package that is private and scoped does not send auth headers. When adding the scope to the alias name, or include always_auth it will send auth headers. Command
yarn install
What is the current behavior?
When trying to install a scoped private package as an alias without the scope, yarn install is not sending auth headers causing a 404 on install.
What is the expected behavior?
The install should not 404, and instead should send auth headers along with the request.
The npm registry should not use the package name for an aliased package, it should use the target package, E.G. "some-alias": "npm:@some-scope/some-package@1.0.0",
Should use @some-scope/some-package not some-alias
See:
Add an aliased package at an alias name that does not have the scope, E.G.yarn add some-alias@npm:@some-scope/some-package@1.0.0 that has a scope and requires authorization
Attempt to yarn install
Receive 404 error
Environment
Node Version: 12.14.0
Yarn v1 Version: 1.2.1
OS and version: macOS High Sierra version 10.13.6
The text was updated successfully, but these errors were encountered:
Since the alias name / key name / package identity (which is the part that gets used for the isScopedPackage) has the scope it will send the auth headers.
The work around linked above is strange, to depend on the cache for the install, and since the linked issue above is closed as its fixed in v2 this seems to be the path forward. Can't say I agree with closing the linked issue.
There's plenty of people sill using yarn@1.x - this should be fixed imo. Just ran into this issue and spent half a day trying to figure out what was causing it.
Bug description
Yarn install for a custom aliased package that is private and scoped does not send auth headers. When adding the scope to the alias name, or include always_auth it will send auth headers.
Command
What is the current behavior?
When trying to install a scoped private package as an alias without the scope, yarn install is not sending auth headers causing a 404 on install.
What is the expected behavior?
The install should not 404, and instead should send auth headers along with the request.
The npm registry should not use the package name for an aliased package, it should use the target package, E.G.
"some-alias": "npm:@some-scope/some-package@1.0.0",
Should use
@some-scope/some-package
notsome-alias
See:
yarn/src/registries/npm-registry.js
Line 157 in b07a19b
Steps to Reproduce
yarn add some-alias@npm:@some-scope/some-package@1.0.0
that has a scope and requires authorizationEnvironment
12.14.0
1.2.1
The text was updated successfully, but these errors were encountered: