I'm trying to install some packages from Azure Artifacts Feed which was set up by my organization. I still need other external packages in https://registry.npmjs.org/. Although they have configured NPM as upstream source for feed, my 'Reader' permission doesn't allow me to add new packages. So I can only use NPM scopes to install private packages from a scope registry and public package from official registry. But I cannot install private packages simply with scope name.
I've config my user's .npmrc
, get authentication using "vsts-npm-auth
". It looks like this now:
# $HOME\.npmrc
proxy=http://my-enterprise-proxy.com
noproxy[]=blah-blah-blah
strict-ssl=false
registry=https://registry.npmjs.org/
@feed-scope:registry:=https://pkgs.dev.azure.com/[ORGANIZATION_NAME]/_packaging/[FEED_NAME]/npm/registry/
always-auth=true
//pkgs.dev.azure.com/<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/npm/registry/:username=[ENTER_ANY_VALUE_BUT_NOT_AN_EMPTY_STRING]
//pkgs.dev.azure.com/<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/npm/registry/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/npm/registry/:email=npm requires email to be set but doesn't use the value
Now I try to execute:
npm install @feed-scope/package-needed
And I get:
npm ERR! code E404
npm ERR! 404 Not Found - GET pkgs.dev.azure.com/<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/npm/registry/@my-scope/package-needed - The package '@my-scope/package-needed' was not found in feed '[FEED_NAME]'
npm ERR! 404
npm ERR! 404 '@my-scope/package-needed@*' is not in this registry.
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
I've explored my org's feed, there is only a package named "package-needed". I doubt that the scope name I add to command just what the problem is. But I don't know how can I remove it.
PS: Please ignore those placeholders.
CodePudding user response:
Unfortunately, that's not going to work. The scope is part of an npm package's name. You should work with the owners of your feed to get you the Collaborator role, which is the same as the Reader role plus the ability to use packages from upstreams which have not yet been saved to your feed. This is distinct from the Contributor role which also adds the ability to publish packages directly to the feed.