docs(npmrc): add example of URI fragment limitations #8095
Conversation
Previously this was using `new URL` which would fail on some urls that `hosted-git-info` is able to parse. But if we still get a url that can't be parsed, we now set it to be removed from the tree instead of erroring. Fixes: npm#5278
* name and version description change Reducing redundancy by deleting repeated code and changing other slight things about those two fields.
- [email protected] - move doc workspace deps to dev deps - remove @mdx-js/mdx - @npmcli/[email protected]
Previously it would report the errors and require rerunning the script. It's been safe enough that we know automatically remove the files. We then run the `git ls-files` command again to make sure they were all removed. Only if any are left do we error with a message requiring a manual fix.
Co-authored-by: Gar <[email protected]>
The `npm config` page redirects to itself in the "See also" section.
add closing parenthesis
Attempt to clarify limitations of how URI Fragments are not applied at the host level but at the path level and are not recursively applied to any sub-path.
|
This is a good start. While we're in here can we change |
Ok, will do. To confirm, it's expected that npm won't attempt to use the |
Correct, it doesn't do domain matching it does whole uri matching. This is where the lookup happens in npm for matching a uri with auth config. For I believe in the past there was some fallthrough "host" checking that would do a "nearest path match" but that was removed in favor of absolutely explicit uri comparison, so as not to accidentally send tokens places where they were unexpected. |
|
It appears something has gone pear shaped in this PR, it all of a sudden has almost 100,000 lines of code changed. Please make sure you are making PRs against |
Thank you for confirming, this is what I'm trying to make more clear in the docs.
Oh, my bad. I'll revert those changes. |
|
I will start over with a new MR. |
Update formatting for clarity, resolve lint MD040/fenced-code-language and change hostnames to npmjs.org subdomains
Attempt to clarify limitations of how URI Fragments are not applied at the host level but at the path level and are not recursively applied to any sub-path.
When attempting to generate valid npmrc configuration files by using
//host.name/:_auth=$tokento cover any registry available at that host, I could not get npm to use those credentials.I figured out the hard way that npm would only use the credentials if I specified the entire path up to the registry name i.e.
//host.name/artifactory/api/npm/:auth=$token.I felt the docs could be clarified to help other users realise the same.