NPM - Failed to replace env in config: ${NPM_TOKEN}

Question

I am trying to build a react app, but when I execute the command npm -i it gives me the following error:

Error: Failed to replace env in config: ${NPM_TOKEN}
    at /usr/local/lib/node_modules/npm/lib/config/core.js:415:13
    at String.replace (<anonymous>)
    at envReplace (/usr/local/lib/node_modules/npm/lib/config/core.js:411:12)
    at parseField (/usr/local/lib/node_modules/npm/lib/config/core.js:389:7)
    at /usr/local/lib/node_modules/npm/lib/config/core.js:330:24
    at Array.forEach (<anonymous>)
    at Conf.add (/usr/local/lib/node_modules/npm/lib/config/core.js:328:23)
    at ConfigChain.addString (/usr/local/lib/node_modules/npm/node_modules/config-chain/index.js:244:8)
    at Conf.<anonymous> (/usr/local/lib/node_modules/npm/lib/config/core.js:316:10)
    at /usr/local/lib/node_modules/npm/node_modules/graceful-fs/graceful-fs.js:78:16
/usr/local/lib/node_modules/npm/lib/npm.js:61
      throw new Error('npm.load() required')
      ^

Error: npm.load() required
    at Object.get (/usr/local/lib/node_modules/npm/lib/npm.js:61:13)
    at process.errorHandler (/usr/local/lib/node_modules/npm/lib/utils/error-handler.js:205:18)
    at process.emit (events.js:182:13)
    at process._fatalException (internal/bootstrap/node.js:448:27)

I am using MacOS High Sierra. I tried to set the NPM_TOKEN as an environment variable with following command:

set -x NPM_TOKEN = xyz

but it doesn't work. What is the problem?

Answer 1

First Possible Solution:

Simple Solution: rm -f ./.npmrc (Deleting a .npmrc file)

Second Possible Solution:

However if you don't want to delete the file, you can simply remove this line of code in the .npmrc file.

Line of Code: //registry.npmjs.org/:_authToken=${NPM_TOKEN} (Remove this code)

Third Possible Solution

Worst case scenario:

• nano ~/.bash_aliases or nano ~/.bash_profile
• add export NPM_TOKEN="XXXXX-XXXXX-XXXXX-XXXXX"
• CTRL + X to exit
• Y to save

Answer 2

Actually proper solution

Update your CI deployment configuration:

npm config set '//registry.npmjs.org/:_authToken' "${NPM_TOKEN}"
npm publish

Remove this line from the .npmrc file:

//registry.npmjs.org/:_authToken=${NPM_TOKEN}

Example build config

You can see this solution used in practice in one of my GitHub repositories: https://github.com/Jezorko/lambda-simulator/blob/5882a5d738060c027b830bcc2d58824c5d27942b/.github/workflows/deploy.yml#L26-L27

The encrypted environment variable is an NPM token.

Why the other "solutions" are mere workarounds

I've seen answers here and under this question that recommend simply removing the variable setting line or .npmrc file entirely.

Thing is, the .npmrc file might not be ignored by your VCS system and modifying it might lead to accidental pushes to your project's repository. Additionally, the file may contain other important settings.

The problem here is that .npmrc does not allow defaults when setting up environment variables. For example, if the following syntax was allowed, the issue would be non-existent:

//registry.npmjs.org/:_authToken=${NPM_TOKEN:-undefined}