I am maintaining my first npm package so this might be an error on my part. Once build my package and commit it to git the next step is:
$ npm version patch
$ npm publish
The output (abridged) is as follows:
npm notice
npm notice 📦 #mememe/p3-model#0.7.2
npm notice === Tarball Contents ===
npm notice 188B README.md
npm notice 4.5kB dist/doc.d.ts
(etc)
npm notice 792B package.json
npm notice === Tarball Details ===
npm notice name: #mememe/p3-model
npm notice version: 0.7.2
npm notice filename: #mememe/p3-model-0.7.2.tgz
npm notice package size: 6.2 kB
npm notice unpacked size: 23.2 kB
npm notice shasum: cb5588ee626efc21532845c608fdb05a5fcd4db3
npm notice integrity: sha512-s7IK2HSXCNTUk[...]ZHxDgAOIr4Cnw==
npm notice total files: 11
npm notice
npm notice Publishing to https://registry.npmjs.org/
⸨⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⸩ ⠇ : notice Publishing to https://registry.npmjs.org/
So far so good. But then somehow it attempts to publish again and gets an error that I am publishing on top of an old version. The output continues:
> #mememe/p3-model#0.7.2 publish
> npm publish
npm notice ⠂⠂⠂⠂⠂⠂⠂⠂⸩ ⠇ : notice Publishing to https://registry.npmjs.org/
npm notice 📦 #mememe/p3-model#0.7.2
npm notice === Tarball Contents ===
npm notice 188B README.md
npm notice 4.5kB dist/doc.d.ts
npm notice 6.5kB dist/doc.js
(etc)
npm notice === Tarball Details ===
npm notice name: #mememe/p3-model
npm notice version: 0.7.2
npm notice filename: #mememe/p3-model-0.7.2.tgz
npm notice package size: 6.2 kB
npm notice unpacked size: 23.2 kB
npm notice shasum: cb5588ee626efc21532845c608fdb05a5fcd4db3
npm notice integrity: sha512-s7IK2HSXCNTUk[...]ZHxDgAOIr4Cnw==
npm notice total files: 11
npm notice
npm ERR! code E403
npm ERR! 403 403 Forbidden - PUT https://registry.npmjs.org/#mememe%2fp3-model - You cannot publish over the previously published versions: 0.7.2.
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy, or
npm ERR! 403 on a server you do not have access to.
⸨⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⠂⸩ ⠇ : notice Publishing to https://registry.npmjs.org/
npm ERR! A complete log of this run can be found in:
I only entered the npm publish command once. Is there some action of this command (perhaps an option in package.json) that would cause this?
The correct package gets published and I can use it in other projects. But this error is a bit disconcerting. Any suggestions?
I had the same issue and just solved it.
My problem was, that i had defined a script with publish in my package.json, so it was fired after/before again.
The idea behind that was to have a hint (like a command list) about the commands i use for building, testing, generating documentation and publishing. But unfortunately then the command was fired twice all the time.
In my case, the package.json looked like this:
{
"name": "my-package",
"version": "1.0.0",
"scripts": {
"build": "echo here could be a build job",
"test": "jasmine",
"publish": "npm publish"
}
Check your package.json for a entry at scripts which key is named publish. If you have an entry with the key publish, then remove this line entirely or use a different key for your script.
Related
I am trying to publish #babel/runtime package into my gitlab registry and while doing so i am facing E400 error. Adding the error logs below
npm notice === Tarball Details ===
npm notice name: #babel/runtime
npm notice version: 7.18.9
npm notice package size: 30.2 kB
npm notice unpacked size: 202.4 kB
npm notice shasum: dd63a562109741efdb37bd99af6873c143ea4f92
npm notice integrity: sha512-V6s46s886z0JV[...]zG4PMb7qvVVSA==
npm notice total files: 193
npm notice
npm ERR! code E400
npm ERR! 400 Bad Request - PUT https://gitlab.server.net/api/v4/projects/69/packages/npm/#babel%2fruntime
npm ERR! A complete log of this run can be found in:
npm ERR! /home/gitlab/.npm/_logs/2022-08-29T11_16_10_937Z-debug.log
adding the details of npmrc below
//gitlab.server.net/api/v4/projects/69/packages/npm/:_authToken={AUTH_TOKEN}
registry=https://gitlab.server.net/api/v4/projects/69/packages/npm/
Almost certainly you're violating the package naming guidelines - unless your group name is #babel.
I followed Using Nexus 3 as Your Repository – Part 2: npm Packages to set up an internal npm repository.
I'm then able to do this,
$ npm view jsreport dist.tarball
https://registry.npmjs.org/jsreport/-/jsreport-3.0.1.tgz
I have this in my ~/.npmrc file
$ cat ~/.npmrc
//internal_nexus_url:8081/repository/:_authToken=NpmToken.43b77b61-2492-39b8-8150-38555f6b6943
I have this in my /path_to_project/.npmrc file
registry="http://internal_nexus_url:8081/repository/npm-private/_auth=base64_user_pw"
and this in my /path_to_project/package.json file
{
...
"publishConfig": {
"registry": "http://internal_nexus_url:8081/repository/npm-private"
},
...
}
When do an npm publish I get
npm notice === Tarball Details ===
npm notice name: my-package
npm notice version: 2.4.4
npm notice filename: my-package-2.4.4.tgz
npm notice package size: 141.6 MB
npm notice unpacked size: 421.1 MB
npm notice shasum: 09c134ef93ce70e999d62820b5bffc6cf23765f3
npm notice integrity: sha512-X5iqe9DV03MPG[...]TKvNZO4O8ToyQ==
npm notice total files: 17559
npm notice
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
npm ERR! A complete log of this run can be found in:
npm ERR! /patch/.npm/_logs/2021-11-16T21_48_03_450Z-debug.log
The error file above basically says the same thing. So I follow the instructions, and do
$ npm adduser
$ npm adduser
npm notice Log in on http://internal_nexus_url:8081/repository/exa-npm-private/_auth=base64_user_pw
Username: nexus-user
Password:
Email: (this IS public) nexus#kmha.com
npm ERR! code E401
npm ERR! Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"
npm ERR! A complete log of this run can be found in:
npm ERR! /path/.npm/_logs/2021-11-16T21_52_29_060Z-debug.log
What's preventing me from publishing to my internal npm repo?
UPDATE:
I modified my ~/.npmrc file to include the information on How should I set _auth in .npmrc when using a Nexus https npm registry proxy? to no avail.
I'm setting up a GitHub action to automatically lint and test every commit. Unfortunately, the action always fails when npm is installing the dependencies.
In short, I think something's messed up with the package-lock.json and I need to regenerate it, somehow. Any ideas?
The error
npm ERR! code E404
npm ERR! 404 Not Found - GET https://registry.npmjs.org/fsevents/-/fsevents-2.2.3.tgz
npm ERR! 404
npm ERR! 404 'fsevents#2.2.1' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
npm ERR! A complete log of this run can be found in:
npm ERR! /home/runner/.npm/_logs/2021-01-08T07_29_59_535Z-debug.log
I believe that's a result of this section of the package-lock.json
"fsevents": {
"version": "2.2.1",
"resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.2.3.tgz",
"integrity": "sha512-bTLYHSeC0UH/EFXS9KqWnXuOl/wHK5Z/d+ghd5AsFMYN7wIGkUCOJyzy88+wJKkZPGON8u4Z9f6U4FdgURE9qA==",
"dev": true,
"optional": true
}
Notice how the URL is different than the version number. Fsevents never had a v2.2.3, only v2.2.2.
Fsevents is not a direct dependency of this project (i.e., it's not in the package.json).
Debug steps
I've tried:
npm update
npm audit fix
deleting the package-lock.json, then npm install
npm install --package-lock
manually editing the package-lock.json, but it just reverts back after an npm install
on my computer (macOS Big Sur, Intel), I did rm -rf node_modules && npm install, but I have any issues installing or running the tests
on my computer, I tried npm ci just like the action, no error or issues
The GitHub action
In case it makes a difference, here's the GitHub action:
name: Continuous integration
on: [push]
jobs:
test-push:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- uses: actions/setup-node#v1
with:
node-version: 14
- run: npm ci
- run: npm run lint
- run: npm run test
The error occurs on the npm ci step.
[Update]: I also tried the Github Action on macOS with runs-on: macos-latest. Same error.
Turns out I needed to both delete the node_modules and package-lock.json. Doing only one of the two didn't work.
rm -rm node_modules
rm package-lock.json
npm i
It's pretty straight forward to install a package from a private registry:
npm install my-package --registry https://<private-registry-url>
This will add an entry to the package-lock.json:
"my-package": {
"version": "1.0.0",
"resolved": "https://<private-registry-url>/<some_path>/my-package-1.0.0.tgz",
"integrity": "sha1-Pjs/y9sEp49/OC8+8eEZFdwT3BQ="
},
So far so good, everything as expected.
The problem now is when you want to install all npm packages from a different device using npm install. This will fail with following error:
npm ERR! code E404
npm ERR! 404 Not Found - GET https://registry.npmjs.org/my-package - Not found
npm ERR! 404
npm ERR! 404 'my-package#1.0.0' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404 It was specified as a dependency of 'app'
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\<user>\AppData\Roaming\npm-cache\_logs\2019-08-06T08_33_05_103Z-debug.log
So it tries to fetch my-package from the public npm registry (https://registry.npmjs.org/my-package), but of course fails because my-package is located in the private registry.
Now this really breaks my understanding of package-lock.json..
Shouldn't npm look in the package-lock.json to see where the packages were resolved before? Instead it just assumes that it has to be in the public registry..
The other funny thing is, that it works once you manually installed the package with the --registry flag again:
npm install my-package --registry https://<private-registry-url> && npm i
And after that it will work everytime until you upgrade the version of my-package or switch the device..
I also tried npm ci command but without success (same error).
So how to properly install packages from private registries, so they can easily be installed on any other device using npm install?
I want to publish a private npm package with Gitlab CI.
I've created an auth token for my npm user and set it as a variable NPM_TOKEN in my Gitlab CI settings.
The job then creates an .npmrc file with the registry and the auth token.
- npm run build && npm run build:es6
- echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}'>.npmrc
- npm publish
The job fails with this message:
npm ERR! code ENEEDAUTH
npm ERR! need auth auth required for publishing
npm ERR! need auth You need to authorize this machine using `npm adduser`
Is it possible to publish with only an auth token?
As #Amityo said, rather than manually editing the npmrc file,
npm config set //registry.npmjs.org/:_authToken ${NPM_TOKEN}
is the way to go, because otherwise you may be editing the wrong npmrc file.
If you are still getting an authentication error, and are certain that the token is correct, check your registry URL. You can run
npm publish --verbose
whose output will includes lines like
npm verb getPublishConfig { registry: 'https://.......' }
npm verb mapToRegistry no registry URL found in name for scope #boxine
npm verb publish registryBase https://.......
If you are publishing to npmjs.org, the URL (....... above) should be https://registry.npmjs.org/ .
If this registry URL does not fit, look in your npmrc file for a different one. Also make sure you didn't override the registry in your package.json file! You can search for publishConfig in that file.
To elaborate slightly on #phihag's answer, forward slashes are very important.
At first I kept getting 404 not found
$ npm publish
...
...
npm ERR! code E404
npm ERR! 404 Not Found - PUT https://gitlab.company.com/api/v4/packages/npm/%2fmypackage - 404 Not Found
npm ERR! 404
npm ERR! 404 '#scope/mypackage#0.1.0' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
I am using 2FA so as the gitlab docs state, I need to use a personal access token set to api to authenticate. In another part of the gitlab docs it states
Some features such as publishing a package is only available on the project-level endpoint.
So in console I tried to publish to and authenticate at the project level
$ npm config set #scope:registry https://gitlab.company.com/api/v4/projects/123/packages/npm
$ npm config set //gitlab.company.com/api/v4/projects/123/packages/npm:_authToken 'MyGeneratedAccessToken'
Which eliminated my first issue of 404 not found, but now I couldn't authenticate.
For hours.
$ npm publish --verbose
npm verb cli [ '/usr/local/bin/node', '/usr/local/bin/npm', 'publish', '--verbose' ]
npm info using npm#7.11.2
npm info using node#v15.11.0
...
...
npm verb publish [ '.' ]
npm notice
npm notice 📦 #scope/mypackage#0.1.0
npm notice === Tarball Contents ===
npm notice 214B README.md
npm notice 1.1kB package.json
npm notice === Tarball Details ===
npm notice name: #scope/mypackage
npm notice version: 0.1.0
npm notice filename: #scope/mypackage-0.1.0.tgz
npm notice package size: 764 B
npm notice unpacked size: 1.3 kB
npm notice shasum: c22a42756de43e282da01f33c7d5da4940c7d1d7
npm notice integrity: sha512-l/P2cr52Lle7h[...]isu3rDME3lYuQ==
npm notice total files: 2
npm notice
npm verb stack Error: This command requires you to be logged in.
npm verb stack at Publish.publish (/usr/local/lib/node_modules/npm/lib/publish.js:104:29)
npm verb cwd /home/user/Workspace/mypackage
npm verb Linux 5.8.0-43-generic
npm verb argv "/usr/local/bin/node" "/usr/local/bin/npm" "publish" "--verbose"
npm verb node v15.11.0
npm verb npm v7.11.2
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
npm verb exit 1
npm timing npm Completed in 352ms
npm verb code 1
npm ERR! A complete log of this run can be found in:
npm ERR! /home/user/.npm/_logs/2021-05-12T11_23_19_273Z-debug.log
As you can see, npm publish --verbose isn't being helpful in telling me the URL i'm trying to publish to. Checking the documentation again showed I was missing the trailing slashes after 'packages/npm'.
With the trailing slashes, I was able to publish to the gitlab npm package repository for that project
$ npm config set #scope:registry https://gitlab.company.com/api/v4/projects/123/packages/npm/
$ npm config set //gitlab.company.com/api/v4/projects/123/packages/npm/:_authToken 'MyGeneratedAccessToken'
And for all packages I use
$ npm config set #scope:registry https://gitlab.company.com/api/v4/packages/npm/
$ npm config set //gitlab.company.com/api/v4/packages/npm/:_authToken 'MyGeneratedAccessToken'
I had the same issue for npm publish. I tried with yarn publish and it also failed.
It was successful when I ran:
yarn publish --non-interactive
Also, I had an issue related to .husky (cannot install husky) and it was solved running before yarn publish this command with npm:
npm set-script prepare ''