Open
Description
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
Private registry authentication seems to have been broken in npm v7.11.0 when installing specific packages with username and password defined in ~/.npmrc instead of _auth. npm ci is unaffected.
Expected Behavior
Private registry authentication should work in >= 7.11.0 the way it did in < 7.11.0. I tried messing with the repo url a little, but I wasn't able to get anything to work. Is this an expected configuration change? If so I couldn't find any documentation about what needs to change.
Steps To Reproduce
My (redacted) ~/.npmrc`:
progress=true
email="name@company.com"
registry=https://artifactory.company.com/artifactory/api/npm/repo-npm
# npm >= 7.x
//artifactory.company.com/artifactory/api/npm/repo-npm/:always-auth=true
//artifactory.company.com/artifactory/api/npm/repo-npm/:username="name@company.com"
//artifactory.company.com/artifactory/api/npm/repo-npm/:password="apiKey | base64"
# npm <= 6.x
//artifactory.company.com/artifactory/api/npm/:always-auth=true
//artifactory.company.com/artifactory/api/npm/:username="name@company.com"
//artifactory.company.com/artifactory/api/npm/:password="apiKey | base64"
$ nvm install
Found '$PWD/.nvmrc' with version <14.15.1>
Downloading and installing node v14.15.1...
Local cache found: ${NVM_DIR}/.cache/bin/node-v14.15.1-darwin-x64/node-v14.15.1-darwin-x64.tar.xz
Checksums match! Using existing downloaded archive ${NVM_DIR}/.cache/bin/node-v14.15.1-darwin-x64/node-v14.15.1-darwin-x64.tar.xz
Now using node v14.15.1 (npm v6.14.8)
$ npm i -g npm@7.4.0
$HOME/.nvm/versions/node/v14.15.1/bin/npm -> $HOME/.nvm/versions/node/v14.15.1/lib/node_modules/npm/bin/npm-cli.js
$HOME/.nvm/versions/node/v14.15.1/bin/npx -> $HOME/.nvm/versions/node/v14.15.1/lib/node_modules/npm/bin/npx-cli.js
+ npm@7.4.0
added 54 packages from 28 contributors, removed 238 packages and updated 196 packages in 8.042s
$ npm i -g npm@7.5.0
changed 14 packages, and audited 255 packages in 6s
11 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
$ npm i -g npm@7.6.0
removed 2 packages, changed 14 packages, and audited 254 packages in 3s
11 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
$ npm i -g npm@7.7.0
removed 1 package, changed 14 packages, and audited 255 packages in 4s
11 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
$ npm i -g npm@7.8.0
removed 2 packages, changed 14 packages, and audited 253 packages in 3s
11 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
$ npm i -g npm@7.9.0
changed 14 packages, and audited 253 packages in 4s
11 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
$ npm i -g npm@7.10.0
changed 14 packages, and audited 253 packages in 4s
11 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
$ npm i -g npm@7.11.0
changed 14 packages, and audited 255 packages in 3s
11 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
$ npm i -g npm@7.12.0
npm ERR! code E401
npm ERR! Incorrect or missing password.
npm ERR! If you were trying to login, change your password, create an
npm ERR! authentication token or enable two-factor authentication then
npm ERR! that means you likely typed your password in incorrectly.
npm ERR! Please try again, or recover your password at:
npm ERR! https://www.npmjs.com/forgot
npm ERR!
npm ERR! If you were doing some other operation then your saved credentials are
npm ERR! probably out of date. To correct this please try logging in again with:
npm ERR! npm login
npm ERR! A complete log of this run can be found in:
npm ERR! $HOME/.npm/_logs/2021-05-21T15_33_39_945Z-debug.log
Environment
- OS: MacOS 11.3.1 (20E241)
- Node: 14.15.1
- npm: 7.11.0 - 7.14.0