npm package.json multiple registries - npm

We have internal nexus npm repository in which i have published my first component. my-component#1.0.0 we also have npm proxy which goes and out in the world and gets global npm dependencies.
in my .npmrc i have defined registry as
registry=http://my.interal.proxy:8081/repository/npmjs-proxy
strict-ssl=false
my internal npm repo which has my-component#1.0.0 is
http://my.interal.repo:8081/repository/npm
is there a way i can tell package.json to download my-component#1.0.0 from my internal repo and rest of them from proxy.
in other post i read about create a group of npm and proxy registries like npm-all and use that one. but rite now i am looking for client side solution.

Related

Force NPM to skip package already installed from another source

I'm trying to npm install a package from a heavily proxied Enterprise computer. One of the dependencies of this package tries to install via GitHub, which throws a 407 error.
npm ERR! /usr/bin/git ls-remote -h -t https://github.com/ethereumjs/ethereumjs-abi.git
npm ERR!
npm ERR! fatal: unable to access 'https://github.com/ethereumjs/ethereumjs-abi.git/': Received HTTP code 407 from proxy after CONNECT
I've discussed this with the team that manages these servers- even with proper proxy authentication, access to sites outside of internal registries are very uncommon as a security measure.
As an alternative, I found the package on the NPM registry, and successfully installed it using the internal mirror we have. However, it still tries to install the GitHub version as a dependency of the first package, and then the installation fails. Is there any way to prevent this? I think I've seen something about editing the package's package.json to remove the dependency, but I don't have any experience with this, so I'll only do it if it's the only option to prevent this. Thank you

How can I use Nexus proxy registry to npm install the node_modules from Github

My company only can use the Intranet, so I set up a Nexus and create a proxy registry to npm install, but I found there are some modules need pull from github. How can I get these modules from Intranet?

How do you install a repo by branch name in a github enterprise repo?

I would like to install repos to a parent repo and specify by branch name.
I have tried the following:
npm install username/repo#branchName --save
npm install username/repo#branchName --save
npm install username/repo#tag --save
npm install username/repo#tag --save
I'm getting an error that says:
Could not install from {theRepoWithBranch} as it does not contain a package.json file.
The repo definitely contains a package.json file.
I'm wondering if this is a permissions issue given I'm using an enterprise npm registry.
npm/npm issue 19788 does mention:
Currently, npm does not support installation of modules from git services hosted on private domain names.
That includes both Github for Enterprise on custom domains as well as instances of gitlab, gitea, gogs, bitbucket and many others, basically anything hosted on a custom domain name.
With the comment:
So, obviously you reference installing via an http(s):// URL directly, but just as an fyi, our GitLab Enterprise instance allows us to install using a slightly different format.
We have 2FA enabled, so it requires SSH to be used.
From the docs.
npm install <git-host>:<git-user>/<repo-name>
npm install <git repo url>
We were able to actually install our repos like this:
npm install git+ssh://git#gitlab.mydomain.com:user/repo.git
So this is more a URL format combined with permission issue.
Regarding the branch, as seen here, your syntax is correct.
And:
if I prepend git+ on the HTTPS URL it works (I run gitea which accepts basic auth)
See also npm/hosted-git-info PR 30

What is url for npm packages repository?

I have installed node js and npm on my windows But when I try to install npm modules(packages) using
command>>npm install -g xxxx(package name)
It doesn't get installed, and it asked me to check proxy setting. As I am working on private network, so may be it doesn't allow me to access the url from which npm packages get downloaded.
Please tell me what is url for such npm packages from where it gets downloaded so that I can ask my network provider to give access for that site.
NPM packages are downloaded from https://registry.npmjs.org unless otherwise configured.
You can get the download URL for a package with npm view, for example JQuery:
npm view jquery dist.tarball
returns: https://registry.npmjs.org/jquery/-/jquery-3.5.1.tgz
You can change the default registry with npm set registry <new url>; this is typically used in large institutions or corporations with an internal registry mirror.
All npm packages are in fact downloaded from GitHub. However, npm resolves those GitHub dependencies via https://www.npmjs.com.
For example, express https://github.com/expressjs/express is the download link.
npm install -g express (or without -g).
The system does not know the GitHub location of the express package. So it must first lookup https://www.npmjs.com to get GitHub url. Then it will clone the package.

Jfrog Artifactory does not work with NPM packages from #types (NPM organization/scope)

We use artifactory for npm, bower etc for our projects. now we want to use new feature TypeScript type definitions to fetch the npm package as #types/jasmine (NPM organization/scope) through artifactory but when we try to access it we get http 400
$ npm install -g protractor
npm http 400 http://artifactory/artifactory/api/npm/npm-virtual/#types%2fjasmine
we are able to access the link directly on npm public repo but. it doesn't work through artifactory. is it still not supported . is there a workaround or fix.
From the Artifactory user guide:
Npm 'slash' character encoding
By default, the npm client encodes slash characters ('/') to their ASCII representation ("%2f") before communicating with the npm registry. If you are running Tomcat as your HTTP container (the default for Artifactory), this generates an "HTTP 400" error since Tomcat does not allow encoded slashes by default. To avoid this error when using npm scope packages, you can override this default behavior by defining the following property in the catalina.properties file of your Tomcat:
org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true