I have two npm packages that are private repositories hosted on gitlab.com under a group organization.
My first package lives well and get updated and downloaded by users of the same organisation.
To install a private scoped package, the doc says:
# Set URL for your scoped packages.
# For example package with name `#foo/bar` will use this URL for download
npm config set #foo:registry https://gitlab.example.com/api/v4/projects/<your_project_id>/packages/npm/
So my .npmrc looked like
#mygroup:registry=https://gitlab.com/api/v4/projects/<id-project-1>/packages/npm/
//gitlab.com/api/v4/projects/<id-project-1>/packages/npm/:_authToken=<token>
//gitlab.com/api/v4/projects/<id-project-2>/packages/npm/:_authToken=<token>
//gitlab.com/api/v4/packages/npm/:_authToken=<token>
Obviously, everything works fine for the first package but not for the second one.
What I can't understand is why a scoped package should refer to a unique project url?
Because of this, I can't install both of my packages: the url of my scoped packages will only be valid for one of them.
I looked at the api endpoint to return a list of my group's packages I found this:
https://docs.gitlab.com/ee/api/packages.html#within-a-group
So I updated my .npmrc to
#mygroup:registry=https://gitlab.com/api/v4/groups/mygroup/packages/npm/
//gitlab.com/api/v4/projects/<id-project-1>/packages/npm/:_authToken=<token>
//gitlab.com/api/v4/projects/<id-project-2>/packages/npm/:_authToken=<token>
//gitlab.com/api/v4/packages/npm/:_authToken=<token>
But it doesn't work.
On the group/group-id/packages route I only get gitlab infos but nothing in an npm friendly format.
How to install more than one private scoped npm package hosted under the same group?
The instance level endpoint seems answer to your situation instance-level-npm-endpoint
Using:
npm config set #mygroup:registry https://gitlab.example.com/api/v4/packages/npm/
npm config set -- '//gitlab.example.com/api/v4/packages/npm/:_authToken' "<your_token>"
You should be able to publish #mygroup/project1 & #mygroup/project2
I experienced some troubles using yarn (1.22.10) so I'll post more details here just to save couple of hours to anybody reading this.
For some unknown reasons I was able to install the package with npm but not with yarn and I got Request failed \"404 Not Found\"
I ended up by creating a .npmrc file at the root of the project (I'm working with docker) with the following content:
#my-org:registry=https://gitlab.com/api/v4/packages/npm/
//gitlab.com/api/v4/packages/npm/:_authToken=<GITLAB_TOKEN_API_SCOPE>
//gitlab.com/api/v4/projects/<ID_PROJECT_1>/packages/npm/:_authToken=<GITLAB_TOKEN_API_SCOPE>
//gitlab.com/api/v4/projects/<ID_PROJECT_2>/packages/npm/:_authToken=<GITLAB_TOKEN_API_SCOPE>
Line 3 and 4 are required for yarn but not for npm.
To make it work replace #my-org by your gitlab organisation name, gitlab.com by the url where your projects are, <ID_PROJECT_X> by the ids of the projects you want to install and <GITLAB_TOKEN_API_SCOPE> by a personal token with an API scope.
Related
npm provides a great way of associating a scope with a registry but I don't really see it working with AWS CodeArtifact.
I expect that once you created a domain #myco and a couple of repositories under that domain, ex: #myco/repo-a & #myco/repo-b I would be able to:
npm config set #myco:registry https://888999.d.codeartifact.eu-central-1.amazonaws.com/npm/
npm config set //888999.d.codeartifact.eu-central-1.amazonaws.com/npm/:_authToken=xxx
and all repositories could be installed with the same authToken, but aws codeartifact login expects repository which makes me think that it's not possible to install 2 private repos using one token.
Any ideas?
The root of my confusion was an assumption that AWS CodeArtifact has the following hierarchy:
Domains - I've interpreted that as a namespace
Repositories - I've interpreted that as list of npm packages
In fact, it's slightly different:
Domains - is a namespace/domain
Repositories - list of different repositories/registries
Where we can push lots of npm packages
As result generated token works as expected if we configure global .npmrc like this:
registry=https://registry.npmjs.com/
#myco:registry=https://xxx.d.codeartifact.region.amazonaws.com/npm/registry/
//xxx.d.codeartifact.region.amazonaws.com/npm/registry/:always-auth=true
//xxx.d.codeartifact.region.amazonaws.com/npm/registry/:_authToken=${CODEARTIFACT_AUTH_TOKEN}
That works for both default npm registry and your own.
I have a private Verdaccio npm repository.
I configured authentification for using htppasswd file
auth:
htpasswd:
file: /verdaccio/conf/htpasswd
max_users: -1
So now nobody can do npm add ... but must use npm login ...
After being logged, I can publish my library with npm publish
But there are few point I don't understand :
npm login is asking me an email. But what's the point ? I don't find any trace of that email in the published package.
After npm login a token is generated in my .npmrc file. Does it have a validity date ?
After being published, in Verdaccio, I see anonymous as author name. The only solution I found to 'put' my name is adding an author tag in the package.json. But if we are 3 persons working on that library we have to change our name each time ? Is there a way to associate (on the server) an htpasswdd with a author name/email ?
here Verdaccio core maintainer. I'll try to answer all your questions.
npm login is asking me an email. But what's the point ? I don't find any trace of that email in the published package.
Verdaccio does not requires email, but unfortunately npmjs.org does, so just write any value and skip that step, we cannot do anything to avoid that.
After npm login a token is generated in my .npmrc file. Does it have a validity date ?
That depends of which auth you are using, by default the token never expires using
auth:
htpasswd:
file: /verdaccio/conf/htpasswd
but if you want to expire tokens then you would need to add the security new property introduced in Verdaccio 4.
security:
api:
jwt:
sign:
expiresIn: 29d
The example above will expire all tokens after 29 days and it overrides the default behaviour, the tokens becomes compatible with JWT compatible and share all it properties and benefits.
After being published, in Verdaccio, I see anonymous as author name. The only solution I found to 'put' my name is adding an author tag in the package.json. But if we are 3 persons working on that library we have to change our name each time ? Is there a way to associate (on the server) an htpasswdd with a author name/email ?
Author can be only one, but you have more options, either contributors or maintainers. Just add them in the package.json as follows.
The result would be this in the Verdaccio UI.
I'm wondering if it's possible to run Vuetify (out-of-the-box) with Vert.x. I've played around a bit and I don't see a straightforward way but perhaps I'm missing something.
Sources:
https://vuetifyjs.com/en/getting-started/quick-start
https://reactiverse.io/es4x/start/install
Steps:
Create an out-of-the-box Vuetify:
npm install #vue/cli -g
vue create my-app
cd my-app
vue add vuetify
Test that it works by running it in Node
npm run start
When I view http://localhost:8080 (using node) it looks good. So I
create a compiled version in a dist folder
npm run build
Now I would like to try and get it working in Vert.x So I add ES4X, which is supposed to allow ES 5+ js code
npm install -g es4x-pm
es4x init
npm install #vertx/unit --save-dev
npm install #vertx/core --save-prod
npm install #vertx/web --save-prod
npm install
Create an index.js file so vert.x server for the index.html
vertx.createHttpServer().requestHandler(function (req){
req.response().sendFile("dist/index.html");
}).listen(8080);
Run Vert.x
npm start
When I view http://localhost:8080 it does not show as expected. It looks like a blank page. When I view the source code of the page in a browser, it shows the contents of the index.html file. So I know it's loading it, just not interpreting it. When I view the console I see a log entry saying Syntax error: Expected expression, got '<'
Note - I would like to avoid going the 'CDN install' route shown on the Vuetify quick-start link. My project is fairly complex and I just wanted to test how Vuetify by itself worked with Vert.x before tying in all the other dependencies
You've added a bare request handler, think of it as using just core nodejs modules. In order to serve multiple files and resources you should use vertx-web (which you already installed). In this case your code should be:
import { Router, StaticHandler } from '#vertx/web';
// router acts like express if you're familiar with it
const app = Router.router(vertx);
// for any HTTP GET request this will be your
// first handler "dist" is your static files root dir
app.get().handler(StaticHandler.create("dist"));
// add more handlers as needed...
vertx.createHttpServer()
.requestHandler(app)
.listen(8080);
So now all your static files should be served correctly...
Not sure I'm grokking this question.
Vuetify is runs in the browser, Es4x runs on the server.
You just need way to serve the static 'dist' folder, as described above.
ps: I'm assuming you're not doing server-side rendering, in which case, I'm not sure if es4x will work (it might).
I am trying to create a new stenciljs project using command npm init stencil. As soon as I choose a set up (whether app or component) and hit 'enter', a read ECONNRESET error is prompted.
I have tried updating the npm but nothing is working.
I expect the command prompt to show me the option where I can enter the project name after choosing a setup for my project but it throws an error, instead.
An ECONNRESET in npm means that npm is unable to connect to an URL where it's looking for dependencies or resources. In most cases, that means that your npm is unable to connect to the NPM Registry. But in your case it seems different.
You're trying to create a Stencil app, with npm init stencil. Under the hood, that That means you're using npm to download the create-stencil package and run it to generate the scaffold of your Stencil app.
The first part, getting the create-stencil package works well, the problem arrives while running the package. If I am correct, create-stencil tries to clone the stencil-app-starter GitHub repository and modify it. So maybe you're behind a corporate or university proxy, blocking GitHub, or another the URLs of the create-stencil resources, maybe the connection is rather flacky, maybe GitHub was done at that moment...
I've recently created a new Organization and went for the paid plan to publish unlimited private packages.
However, each time I try to publish my package to my Org, it keeps giving me the following error:
npm ERR! publish Failed PUT 403
npm ERR! code E403
npm ERR! Forbidden : #myScopeName/myPackageName
I've already logged out and then logged in as a scope; like this:
npm login scope=myScopeName
Which then returns the following
logged in as myUserName to scope #myScopeName on http://registry.npmjs.org/
And I've checked my .npmrc file and I have the following lines:
registry=http://registry.npmjs.org/
scope=myScopeName
#myScopeName:registry=http://registry.npmjs.org
Yet I still can't publish my package. Does anyone know if I've forgotten something else or if I did something wrong according to the above?
Thank you!
This is an error that can have many origins. I will list some of the possibilities below:
Your email address is not validated.
The package is assigned to a group, in which you are not present.
The name of the package you provided is similar to a yet existing package name in your scope.
A typo in the scope name.
A malformed package name.
...
Through experimenting, I actually found out that the naming scheme for private npm packages is different than the one officially documented. It appears that privately pushed packages cannot contain underscores, and probably other stuff is also conflicting with the official documents.
I had the same issue. I had an unverified email address associated with the account. After verifying the account, I was able to publish the package. Check the name of the package if it is conflicting with another package with a similar name. That might be an issue.