Menu
I have a private npm registry with npmjs.org which contains several private npm packages. We are moving to a private npm registry in-house (verdaccio). Long-story short, with our AWS infrastructure, the verdaccio server could be rebuilt for many reasons and the main issue is that when a new server is spun up with a fresh verdaccio install, It won't have any packages published, obviously. I'm trying to create a script that will run when the server is created that will do a few things: 1. Ask the user what the previous npm registry is along with an authToken for a user (is our case, a service user that only the server uses) 2. Query the previous npm registry to get a list of all private scoped packages with all its versions 3. Copy/Migrate/Publish all previously existing packages and versions to the new verdaccio registry so the first person to run "npm install" will get them.
There are several utility packages out there for helping with type of task, but none deal with private packages. I've tried using the authToken from the .npmrc file that gets generated when a user is logged in, from within a curl command, but nothing gets returned. I've tried using the npm search function. I've tried all of these utility packages. I've tried the npm v2 api, but nothing seems to return private packages.
https://www.npmjs.com/package/registry-migrate
https://www.npmjs.com/package/npm-migrate
https://github.com/finn-no/migrate-npm-registry
https://github.com/npm/npm-registry-client
https://api-docs.npms.io/#api-Package-GetMultiPackageInfo
Anyone have any ideas?? Thanks!
814
The version of npm packages installed on your computer can be found by running the npm list command. First, navigate to the root directory of your project, then run the npm list command. The output above shows the packages installed in the node_modules/ folder.
With npm private packages, you can use the npm registry to host code that is only visible to you and chosen collaborators, allowing you to manage and use private code alongside public code in your projects. Private packages always have a scope, and scoped packages are private by default.
While many people regularly use npm's website to discover packages, only a few know that npm also provides a public REST API accessible at registry.npmjs.org. This API provides methods to: Get information about the registry itself. Get all available information about a specific package.
Use the npm list to show the installed packages in the current project as a dependency tree. Use npm list --depth=n to show the dependency tree with a specified depth. Use npm list --prod to show packages in the dependencies . Use npm list --dev to show packages in the devDependencies .
You need to add the NPM_TOKEN in the npm registry API.
I found 2 endpoints that can help you perform any necessary logic with the versions of the private npm packages
curl -H "Authorization: Bearer $NPM_TOKEN" "https://registry.npmjs.org/-/user/[NPM_USERNAME]/package"
Example response:
{ "my-package": "write" }
** NPM_USERNAME can be the organization's scope.
curl -H "Authorization: Bearer $NPM_TOKEN" "https://registry.npmjs.org/[NPM_PACKAGE_NAME]"
Example response:
{
"_id": "my-package",
"name": "my-package",
"dist-tags": { "latest": "1.0.0" },
"versions": {
"1.0.0": {
"name": "my-package",
"version": "1.0.0"
//...
}
//...
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
