Cannot install private github repository with https #2054
Assignees
Labels
Milestone
Comments
bencergazda
added
Bug
darcyclarke
changed the title
isaacs
added a commit
to npm/pacote
that referenced
this issue
Jan 20, 2021
This makes pacote use the git+https: url as the resolved value for known hosts when auth is provided. When auth is not provided, we store the ssh url as the resolved value, in order to maintain a canonical save value that is never git:// for known hosts. In order to fully fix npm/cli#2054, we will also need to have @npmcli/arborist store the git+https url in the package-lock.json and package.json if https auth is provided.
|
The change in npm/pacote#61 is the first half of this. It will tell pacote to use git+https and not fall back to ssh, if https auth is provided. It will also use git+https as the The second part of the change will be fixed in @npmcli/arborist, by having it store git+https in the package{,-lock}.json files (instead of the shortcut or git+ssh) for known hosts when https auth is present. |
isaacs
added a commit
to npm/arborist
that referenced
this issue
Jan 20, 2021
This makes Arborist use the git+https: url as the saved value in package-lock.json and package.json files for known git hosts when http auth is provided. When auth is not provided, we store the canonical ssh url in package-lock.json, and the more human-friendly shortcut in package.json, in order to maintain a canonical save value that is never git:// for known hosts. This is the second part of the fix for npm/cli#2054.
isaacs
added a commit
to npm/arborist
that referenced
this issue
Jan 20, 2021
This makes Arborist use the git+https: url as the saved value in package-lock.json and package.json files for known git hosts when http auth is provided. When auth is not provided, we store the canonical ssh url in package-lock.json, and the more human-friendly shortcut in package.json, in order to maintain a canonical save value that is never git:// for known hosts. This is the second part of the fix for npm/cli#2054.
isaacs
added a commit
to npm/arborist
that referenced
this issue
Jan 20, 2021
This makes Arborist use the git+https: url as the saved value in package-lock.json and package.json files for known git hosts when http auth is provided. When auth is not provided, we store the canonical ssh url in package-lock.json, and the more human-friendly shortcut in package.json, in order to maintain a canonical save value that is never git:// for known hosts. This is the second part of the fix for npm/cli#2054.
isaacs
added a commit
to npm/arborist
that referenced
this issue
Jan 21, 2021
This makes Arborist use the git+https: url as the saved value in package-lock.json and package.json files for known git hosts when http auth is provided. When auth is not provided, we store the canonical ssh url in package-lock.json, and the more human-friendly shortcut in package.json, in order to maintain a canonical save value that is never git:// for known hosts. This is the second part of the fix for npm/cli#2054. PR-URL: #205 Credit: @isaacs Close: #205 Reviewed-by: @wraithgar
|
Works great, thank you! |
|
@isaacs @bencergazda I am having the exactly same issue, but not sure how to solve this. would you like to explain in more detail? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
npm install --verbosewith package.json containingCurrent Behavior:
It uses SSH to connect, and not the given token.
Expected Behavior:
It should use the credentials from the package URL. It should
npm ERR! remote: Invalid username or password.error even if it could use SSHIt works as expected with [email protected]
Steps To Reproduce:
npm install -g npm@7npm installnpm install -g npm@6npm installEnvironment:
The text was updated successfully, but these errors were encountered: