Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

New patch fails with private registries (RFC)

See original GitHub issue

We’ve been noticing an issue sporadically with writing new patches and having a private NPM registry. I can reproduce the issue reliably, and I can fix it locally, but I’m not sure what the underlying cause is here. Hoping someone can provide guidance on a better fix for this. If there isn’t I’m happy to PR my proposal below.

Reproducing the issue

have a yarn repo with an .npmrc in it as follows:

registry=https://my-private-registry-host.example/repository/npm
always-auth=true

and an ~/.npmrc as follows:

//my-private-registry-host.example/repository/npm/:_auth="myNPMauthTOKEN"

pick any package in node_modules that has not had a patch written for it before and run yarn patch-package the-package:

▶ yarn patch-package yazl
yarn run v1.22.4
$ /path/to/repo/node_modules/.bin/patch-package the-package
patch-package 6.4.7+cd069d4b
• Creating temporary folder
• Installing the-package@2.5.1 with yarn
warning package.json: No license field
warning No license field
error An unexpected error occurred: "https://my-private-registry-host.example/repository/npm/the-package/-/the-package-2.5.1.tgz: Request failed \"401 Unauthorized\"".

<<...some garbage output (console.log of some buffers it seems)...>>

If I add some more logs ahead of the yarn install that patch-package does, the output seems to make sense:

# ls -la in the tmpRepoPath
# the copied .npmrc is as noted above for the project one
total 16
drwx------    4 me  staff    128 19 May 16:07 .
drwx------@ 478 me  staff  15296 19 May 16:07 ..
-rw-r--r--    1 me  staff     75 19 May 16:07 .npmrc
-rw-r--r--    1 me  staff    454 19 May 16:07 package.json

# cat package.json in the tmpRepoPath
{"dependencies":{"the-package":"https://my-private-registry-host.example/repository/npm/the-package/-/the-package-2.5.1.tgz#a3d65d3dd659a5b0937850e8609f22fffa2b5c35"},"resolutions":{...}}

The Fix

I can fix the 401 by adding --registry https://my-private-registry-host.example/repository/npm to the yarn install command that patch-package builds. It’s not clear why this resolves it, but I assume it has something to do with scoped auth tokens (in my $HOME/.npmrc).

Proposal

I propose making a change to allow passthrough flags that allow me to specify the registry I want to build the patch against.

In this case I’d run yarn patch-package the-package --registry https://my-private-registry-host.example/repository/npm and patch-package would add that flag to the install command.

I’d love to find a better fix for this but the underlying cause escapes me.

▶ yarn --version
1.22.4

Issue Analytics

  • State:open
  • Created 2 years ago
  • Reactions:10
  • Comments:5

github_iconTop GitHub Comments

6reactions
escapedcatcommented, Oct 4, 2021

npx patch-package package-name instead of the yarn command works well as a workaround

3reactions
parichay28commented, Sep 10, 2021

@Psidium try adding the --registry argument to this file patch-package/dist/makePatch.js

try {
     // try first without ignoring scripts in case they are required
     // this works in 99.99% of cases
-   spawnSafe_1.spawnSafeSync(`yarn`, ["install", "--ignore-engines"], {
+                spawnSafe_1.spawnSafeSync(`yarn`, ["install", "--ignore-engines", "--registry https://my-private-registry-host.example.com"], {
                     cwd: tmpRepoNpmRoot,
                     logStdErrOnError: false,
                 });
Read more comments on GitHub >

github_iconTop Results From Across the Web

Revised Error Handling for BGP UPDATE Messages RFC 7606
Standards Track [Page 5] RFC 7606 Revised Error Handling for BGP August 2015 New Text: An error detected while processing the UPDATE message...
Read more >
Guidelines and Registration Procedures for New URI Schemes
It also updates the process and IANA registry for URI schemes. It obsoletes both RFC 2717 and RFC 2718. Hansen, et al. Best...
Read more >
2141-alternative-registries - The Rust RFC Book
For private registries run using crates.io's code, this will likely include the ... registry : New to this RFC: the registry from which...
Read more >
Pre-RFC: Cargo alternative registry authentication
There have been several attempts at getting support for authentication for private registries. I'd like to get that discussion going again.
Read more >
Media Types - Internet Assigned Numbers Authority
Media Types. Last Updated: 2022-12-23; Registration Procedure(s): Expert Review for Vendor and Personal Trees; Expert(s): Alexey Melnikov, Murray Kucherawy ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

vercel deployment

Next page

Can't patch package