Yarn can't find private Github npm registry

21
votes

I signed up for the Github private npm registry beta and followed their instruction: https://github.com/features/package-registry

Works great with npm but I'd prefer using yarn. And while npm has no issues finding the registered package, yarn can't find it at all.

yarn add @omniphx/adminite-adminite-ui-components outputs:

yarn add v1.19.0
info No lockfile found.
warning package-lock.json found. Your project contains lock files generated by tools other than Yarn. It is advised not to mix package managers in order to avoid resolution inconsistencies caused by unsynchronized lock files. To clear this warning, remove package-lock.json.
[1/4] ????  Resolving packages...
error Couldn't find package "@omniphx/adminite-ui-components" on the "npm" registry.
info Visit https://yarnpkg.com/en/docs/cli/add for documentation about this command.

After reading up on private repos with yarn, I thought the trick was due to yarn having a slightly different rc format. Unfortunately, that didn't work either and yarn is still unable to find the private registry.

.npmrc

registry=https://registry.npmjs.org
@omniphx:registry=https://npm.pkg.github.com/omniphx

.yarnrc

registry "https://registry.npmjs.org"
"@omniphx:registry" "https://npm.pkg.github.com/omniphx"

Also confirmed that my github token is set too with yarn config list:

yarn config v1.19.0
info yarn config
{
  'version-tag-prefix': 'v',
  'version-git-tag': true,
  'version-commit-hooks': true,
  'version-git-sign': false,
  'version-git-message': 'v%s',
  'init-version': '1.0.0',
  'init-license': 'MIT',
  'save-prefix': '^',
  'bin-links': true,
  'ignore-scripts': false,
  'ignore-optional': false,
  registry: 'https://registry.npmjs.org',
  'strict-ssl': true,
  'user-agent': 'yarn/1.19.0 npm/? node/v12.11.1 darwin x64',
  email: '[email protected]',
  lastUpdateCheck: 1570679687836,
  username: 'omniphx',
  '@omniphx:registry': 'https://npm.pkg.github.com/omniphx'
}
info npm config
{
  '//npm.pkg.github.com/:_authToken': 'fake12345',
  registry: 'https://registry.npmjs.org',
  '@omniphx:registry': 'https://npm.pkg.github.com/omniphx',
  python: '/usr/bin/python'
}

Any idea?

Resolved

Changed "@myorg:registry" "https://npm.pkg.github.com/myorg"
To      "@myorg:registry" "https://npm.pkg.github.com"
3
githubnpmyarnpkg
Does this fix help in your case? stackoverflow.com/questions/58430182/…peterevans

3 Answers

21
votes

I've just run into a similar situation. It seemed that yarn was only looking in the main Yarn package registry for my organization's private package. I had copied the examples from GitHub's Packages documentation for constructing your .npmrc file directly to the .yarnrc file in the project that will be consuming the app, not knowing that the formats were different (I've never had to deal with .yarnrc files before).

However, after updating the .yarnrc file with the correct format that you've mentioned above (which I also found in googling around), yarn successfully found the private package and installed it correctly.

As a heads up, my yarn version: 1.17.3

Steps I Took

  1. Start new terminal session
  2. cd to the project
  3. nvm use (if you have a specific node version to use)
  4. Add the correctly-formatted .yarnrc file to the project. See below for what it looks like.
  5. Manually add the package and version range to the package.json for my private package
  6. Run npm login --registry=https://npm.pkg.github.com --scope=@MyOrg
    • See the note below on scope / org gotcha's
  7. Run yarn

That worked for me.

.yarnrc

"@myorg:registry" "https://npm.pkg.github.com"

Note: See below for a note on the org / scope name gotcha's

Other Notes

I know that it appears that you don't have any issues with this, given your GH username / scope above, but for anyone else that comes here, the documentation on GH is a little sparse with regards to mapping your username / org name to a scope in the package name. Just remember these little gotcha's here:

  • The name of your package must always be scoped to your org (or username)
    • E.g., name: @johndturn/my-package
  • If your organization has capital letters in it, like MyOrg, just replace them in the name of the package in your package.json and your .yarnrc with lowercase
    • E.g., name: @myorg/my-package
    • Note: When authenticating with npm login, I still have kept the uppercase letters in the --scope= argument.
  • The name of your package doesn't have to be the same name of the repo.
    • E.g., for a repo called MyOrg/random-prefix.js-lib, you can have name: @myorg/js-lib in your package.json file for the project itself. Then, installing it in other projects will look something like @myorg/js-lib: 1.0.0.
5
votes

The problem I had is slightly different.

After tried what John suggested I still can't add private registry packages with yarn (but perfectly fine with npm)

Then I realise two things:

For GitHub packages, npm is fine with either

registry=https://npm.pkg.github.com/my-org

or

@my-org:registry=https://npm.pkg.github.com

but yarn only allow the latter syntax.

Docs from Github website only show the first syntax which could cause problems for yarn users.

Another thing is that if you npm login to the private registry but use a .yarnrc file in your project, yarn can't really mix your npm credentials with it. Although it seems behave differently on different environment.

But it would seems to be a best practice to stick with either yarn login + .yarnrc, or npm login + .npmrc (you can still use yarn to manage your packages in both cases)

2
votes

I'm not an expert with npm/yarn so I might be misunderstanding what is happening here, but I don't think package proxying from the npm registry works with yarn yet. Could that be related? When package proxying was released for npm I remember reading comments on Twitter from people that tried it with yarn and it didn't work.

Found the Twitter thread here: https://twitter.com/github/status/1171832034580451328

It doesn't work with Yarn. As soon as I change the registry url -> Couldn't find package.