Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

using the npm API to retrieve a list of private npm packages with versions, possible?

Tags:

node.js

npm

I have a private npm registry with npmjs.org which contains several private npm packages. We are moving to a private npm registry in-house (verdaccio). Long-story short, with our AWS infrastructure, the verdaccio server could be rebuilt for many reasons and the main issue is that when a new server is spun up with a fresh verdaccio install, It won't have any packages published, obviously. I'm trying to create a script that will run when the server is created that will do a few things: 1. Ask the user what the previous npm registry is along with an authToken for a user (is our case, a service user that only the server uses) 2. Query the previous npm registry to get a list of all private scoped packages with all its versions 3. Copy/Migrate/Publish all previously existing packages and versions to the new verdaccio registry so the first person to run "npm install" will get them.

There are several utility packages out there for helping with type of task, but none deal with private packages. I've tried using the authToken from the .npmrc file that gets generated when a user is logged in, from within a curl command, but nothing gets returned. I've tried using the npm search function. I've tried all of these utility packages. I've tried the npm v2 api, but nothing seems to return private packages.

https://www.npmjs.com/package/registry-migrate

https://www.npmjs.com/package/npm-migrate

https://github.com/finn-no/migrate-npm-registry

https://github.com/npm/npm-registry-client

https://api-docs.npms.io/#api-Package-GetMultiPackageInfo

Anyone have any ideas?? Thanks!

like image 814
Dan Scrima Avatar asked May 21 '18 19:05

Dan Scrima


People also ask

How do I list npm versions?

The version of npm packages installed on your computer can be found by running the npm list command. First, navigate to the root directory of your project, then run the npm list command. The output above shows the packages installed in the node_modules/ folder.

How do I use npm private packages?

With npm private packages, you can use the npm registry to host code that is only visible to you and chosen collaborators, allowing you to manage and use private code alongside public code in your projects. Private packages always have a scope, and scoped packages are private by default.

Does npm have an API?

While many people regularly use npm's website to discover packages, only a few know that npm also provides a public REST API accessible at registry.npmjs.org. This API provides methods to: Get information about the registry itself. Get all available information about a specific package.

How do I list npm packages?

Use the npm list to show the installed packages in the current project as a dependency tree. Use npm list --depth=n to show the dependency tree with a specified depth. Use npm list --prod to show packages in the dependencies . Use npm list --dev to show packages in the devDependencies .


1 Answers

You need to add the NPM_TOKEN in the npm registry API.

I found 2 endpoints that can help you perform any necessary logic with the versions of the private npm packages

  1. List all private npm packages names and access
curl -H "Authorization: Bearer $NPM_TOKEN" "https://registry.npmjs.org/-/user/[NPM_USERNAME]/package"

Example response:

{ "my-package": "write" }

** NPM_USERNAME can be the organization's scope.

  1. Fetch npm package details
curl -H "Authorization: Bearer $NPM_TOKEN" "https://registry.npmjs.org/[NPM_PACKAGE_NAME]"

Example response:

{
  "_id": "my-package",
  "name": "my-package",
  "dist-tags": { "latest": "1.0.0" },
  "versions": {
    "1.0.0": {
      "name": "my-package",
      "version": "1.0.0"
      //...
    }
  //...
  }
}
like image 181
miguel savignano Avatar answered Nov 13 '22 06:11

miguel savignano