You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@myorg:registry=https://somewhere-else.com/myorg
@another:registry=https://somewhere-else.com/another
//registry.npmjs.org/:_authToken=MYTOKEN
; would apply to both @myorg and @another; //somewhere-else.com/:_authToken=MYTOKEN; would apply only to @myorg
//somewhere-else.com/myorg/:_authToken=MYTOKEN1
; would apply only to @another
//somewhere-else.com/another/:_authToken=MYTOKEN2
Let's recreate this config and reproduce the problem:
create a new project:
run yarn init
create ~/.npmrc: (replaced somewhere-else.com with localhost)
@myorg:registry=http://localhost/myorg
@another:registry=http://localhost/another
; would apply to both @myorg and @another
//localhost/:_authToken=MYTOKEN
run a dummy webserver: sudo -i, then while true; do echo -e "HTTP/1.1 200 OK\n\n $(date)" | nc -l 80 ; done.
run yarn add @myorg/test1
output:
❯ yarn add @myorg/test1 --verbose
yarn add v1.22.19
...
warning package.json: "test" is also the name of a node core module
verbose 0.100344417 Checking for configuration file "/Users/user/.npmrc".
...
verbose 0.10390275 current time: 2024-05-03T03:06:11.576Z
info No lockfile found.
warning test@1.0.0: "test" is also the name of a node core module
[1/4] 🔍 Resolving packages...
verbose 0.121385792 Performing "GET" request to "http://localhost/myorg/@myorg%2ftest1".
verbose 0.130306959 Error: http://localhost/myorg/@myorg%2ftest1: Parse Error: Expected HTTP/
...
error An unexpected error occurred: "http://localhost/myorg/@myorg%2ftest1: Parse Error: Expected HTTP/".
...
Request in the HTTP output is misssing authorization header:
However, when running the same command with npm: npm install @myorg/test1 it has the correct authorization header.
GET /myorg/@myorg%2ftest1 HTTP/1.1
user-agent: npm/10.5.0 node/v20.12.2 darwin arm64 workspaces/false
pacote-version: 17.0.6
pacote-req-type: packument
pacote-pkg-id: registry:@myorg/test1
accept: application/json
npm-auth-type: web
npm-command: install
authorization: Bearer MYTOKEN
Accept-Encoding: gzip,deflate
Host: localhost
connection: keep-alive
The text was updated successfully, but these errors were encountered:
synox
changed the title
not sending authorization header when .npmrc scoped registry is configured with root path
missing authorization header when .npmrc scoped registry is configured with root path
May 3, 2024
Using yarn
1.22.19
on macos 14.4.1 (23E224). It seems yarn does not honor the .npmrc config for domains, and only matches the exact path.https://docs.npmjs.com/cli/v10/configuring-npm/npmrc#auth-related-configuration specifies to that we can configure at the domain level:
Let's recreate this config and reproduce the problem:
yarn init
while true; do echo -e "HTTP/1.1 200 OK\n\n $(date)" | nc -l 80 ; done
.yarn add @myorg/test1
output:
Request in the HTTP output is misssing
authorization
header:However, when running the same command with npm:
npm install @myorg/test1
it has the correctauthorization
header.The text was updated successfully, but these errors were encountered: