npm install always uses artifactory registry and ignores .npmrc file - npm

My .npmrc file previously contained registry=https://company.jfrog.io so upon npm install this registry was used. Now I want to use the public registry for my personal project, but even though I delete the .npmrc file and even create one at the root of my project containing the public registry, this custom registry is always used to install dependencies!
When i run npm config ls -l it displays registry = "https://registry.npmjs.com/" . But when i remove the lockfile and npm install, it still uses the artifactory registry!
How can I just use the public npm registry?

If you change from one registry to an other you need to make sure, that you do following things:
Check the current registry with npm config list command. The command should be called from the root directory of the project, as a local .npmrc can overwrite the registry settings. If the listed registry entry is not ok, please update the global and/or the local .npmrc file.
Delete node_modules in your project.
Remove package-lock.json in your project.
Clean the npm cache by deleting the npm-cache folder manually. On Windows it is by default on %appdata%\npm-cache location. As an alternative npm cache clean --force command could also work, but if you want to be sure, do the manual delete.
In your case most probably the last step is missing, the cleaning of the npm cache. If the npm cache is not cleaned, npm install gets the already downloaded packages from the cache and writes their registry url into the newly generated package-lock.json. And as the cached packages are still from https://company.jfrog.io, the urls in the generated package-lock.json will still point to https://company.jfrog.io.

Related

Yarn lock file resource source changed from registry.yarnpkg.com to registry.npmjs.org

I recently npm installed a package into my Ruby on Rails application. The installation changed my yarn.lock file. Specifically, the "resolved" field for all my resources have changed from yarnpkg.com to npmjs.org.
From this:
d3-dsv#1:
version "..."
resolved "https://registry.yarnpkg.com/d3-dsv/-/d3-dsv-1.0.8.tgz#..."
integrity ...
To this:
"d3-dsv#1":
"integrity" "..."
"resolved" "https://registry.npmjs.org/d3-dsv/-/d3-dsv-1.1.1.tgz"
"version" "..."
Is there a problem with these changes in this yark.lock file? Should I have done some yarn alternate to npm installing?
You can fix this issue by re-running yarn again.
To accomplish this, follow the steps below.
Remove the registry.npmjs.org section in your yarn.lock file.
Run the yarn command again.
$ yarn
This should rewrite the yarn.lock to change the registry from npm to Yarn.
The steps above should rewrite the yarn.lock file, and change the registry and text from npm to Yarn.
If you are using only public packages in your application then this will not cause many problems. You can go about your business as it is.Although there might be some complications when you authenticate for any of them at any point.
If you are using any private repositories, you have to re-register your packages with yarn and add credentials to them.
The following steps will help you.
Setup a private repo on npmjs.org and add a scope and your package (Lets name it boo)
Create a new project locally and upload it to the npm registry (let's call it blimp)
So when they are updated it will be #boo/blimp
Add the package to your new applications package.json by installing yarn add #boo/blimp
Remove the node_modules (rm -rf node_modules)
Try yarn install if there is an error in the lock file try re-creating one as follows
sed -ie 's,registry.yarnpkg.com/#boo,registry.npmjs.org/#boo,' yarn.lock
7. If that omits an issue like Request failed or something in that alley, try following
yarn config set registry https://registry.npmjs.org
At this point, you have tried lots of options. If this is still an issue in your system then you might have to move to `npm` package management. Follow the [yarn][2] repository for more updates.
Similar issues
yarn.lock should not include base registry
Support protocol-relative registry
Support for registry URLs without trailing slash
I suspect this happened to me because I installed something with npm install instead of yarn. I recognized my mistake, npm uninstalled the package, then yarn added the package, but then every entry in yarn.lock was changed to use npmjs.org instead of yarnpkg.com.
I did not commit the changes to source control, and the problem disappeared after I...
Deleted package-lock.json
Reverted the change to package.json in source control (i.e. removed the new package)
Reverted all changes to yarn.lock in source control
yarn added the package again
I am unsure if using npm install followed by yarn add is really what triggered the problem. Can anyone confirm?

How can i prevent NPM to delete locally installed modules from nodes_modules

I have some local modules which are inhouse developed and I copy to my node_modules folder manually.
When I do this they work fine but after I install some other stuff via ng add or npm install the folder is removed. My question is how can I prevent this from happening so I don't have to copy the files again ?
You need to specify your dependencies in package.json or else you cannot rely on them being in node_modules. Various npm commands might remove it, notably npm ci but also others.
If your package is not publicly published, some options are:
Use a non-public registry and publish it there.
Publish it as a scoped package with limited visibility. You will need a paid or organization account on npm for this. Individual accounts are US$7 a month.
Use npm link to "install" it from your local file system.
Use a postinstall or other life cycle script to have npm copy in your packages for you each time after npm ci or npm install is run.
There are likely other options, but those are the ones that come to mind immediately.

Forking and changing an NPM package

I have been using an NPM for angular-4 which support drag and drop objects (ng2-drag-drop). I found a missing functionality and decide to add it to the package.
What I did is forking the original project and adding my changes. after commit/push to my git I then used the following command to install my NPM :
npm install https://github.com/..... --save
the NPM installed successfully however when looking in my node_modules I see that the source files are missing and I have only the root directory including the package.json and some other files . any source files are missing.
I then tried to instal the NPM directly from the author git so instead of running :
npm install ng2-drag-drop --save
I used
npm install https://github.com/ObaidUrRehman/ng2-drag-drop.git --save
and I had the same issue with my fork.
Why the installation is different between the author git and the named package ? isn't it taking the files from the same location ? if no, what should I do to make it work ?
The reason you are not able to see the src folder is
If you see the git repo you will find two files
gitignore & npmignore.
In that npm ignore file you will find the src has been ignored to be prevent it from being added to the package when running npm commands .
Keeping files out of your package
Use a .npmignore file to keep stuff out of your package. If there's no
.npmignore file, but there is a .gitignore file, then npm will ignore
the stuff matched by the .gitignore file. If you want to include
something that is excluded by your .gitignore file, you can create an
empty .npmignore file to override it. Like git, npm looks for
.npmignore and .gitignore files in all subdirectories of your package,
not only the root directory.
You need to overwrite these settings to be able to get src contents in node modules when you do npm install

How to reset the npm registry in global npm config

Is there any way to change or reset the global npm registry.
Appreciate your assistance.
Run the following command in your terminal to revert back to the default regsitry
npm config set registry https://registry.npmjs.org/
or
npm config delete registry
NPM CONFIG DOCS
If you are on windows, other than setting the registry, you can also delete the .npmrc file to reset the registry.
You can find this file at C:\Users\<Your User Name>\.npmrc
Sets a configuration key to a value
npm config set <key> <value> [-g|--global]
Gets the value of an existing configuration key
npm config get <key>
Deletes the key from all configuration files.
npm config delete <key>
Lists all the config settings,could be used to check for existing config entries
npm config list
Opens the config file in an editor.
npm config edit
All that would help make changes to the npm registry
Source
Hope that helps!
Yes...
You can use this
$(npm config get globalconfig)
npm config --global edit
In my experience, I had to use a private NPM registry for security reasons and while switching projects I had to change my registry and found that I was unable to! A requirement of the private registry was to be on a VPN network so to be able to connect to the private registry.
Command I was trying to run
npx sb init --builder webpack5
I was trying to install storybook in an existing project.
I tried and failed by:
npm config set registry https://registry.npmjs.org commands even with --location= set to project, user, global
setting .npmrc with npm_config_registry=https://registry.npmjs.org value in multiple locations
even yarn wouldn't change the registry and I also tried to use the yarn specific commands as well yarn config set ...
restarting my system multiple times and re-trying all of the above in different ways
Information about my environment:
OSX, NVM (Node Version Manager), using npm not yarn
What ended up fixing my problem
2. I ended up reconnecting to the VPN so that when I ran my npx ... command from above it would still download the packages through my private registry
3. rm -rf node_modules package-lock.json I removed the installed files and lockfile
4. I disconnected from my VPN and re-installed packages with the same npx ... command
5. I see now that the packages are properly pulling from https://registry.npmjs.org
For some reason NPM wanted to resolve something from the private registry I had before finally using the newly configured public registry.
Might be a bug with NPM that I do not have the experience nor time to troubleshoot though I wanted to share my experience here in hopes it will help someone with a similar experience.

Does npm delete downloaded module if the installation fails?

When I try to install something with npm it fails quite often (much more often that apt-get for example), and it will display "see log file for details" or "make in the directory failed". But when I try to inspect the directory said it will not be found. Does NPM simply delete every thing it just downloaded if anything fails during installation? Why would it tell me to check the directory then if it deleted it?
npm keeps downloaded packages as tarballs inside a cache folder.
see: https://www.npmjs.org/doc/cli/npm-cache.html
When you run npm install and something goes wrong, it will try to undo and remove the packages from your current location, but it should leave the cached tarballs alone. Sometimes the cache can have a bad package-tarball.
You can force npm to install without using the cache like this npm install --force. Or, if you really must, you can clear out the whole cache like this npm cache clean.
Remember: npm installs packages into the current folder, or wherever your package.json can be found