search

kessler / license-report

create a short report about a project's dependencies (license, url etc)
MIT License
227 stars 39 forks source link

NPM_TOKEN not picked up for private dependencies #22

Closed fed135 closed 2 years ago

fed135 commented 4 years ago

Getting some errors when repo has private packages

http request to npm for package "@****/*****" failed, retrying again soon...
Error: invalid statusCode 404

The NPM_TOKEN env variable is set and valid

chiko123 commented 3 years ago

Solve this as people looking for licenses are really sitting in companies with some private repositories.

BePo65 commented 3 years ago

Perhaps we should add a configuration variable called 'npmTokenEnvVar' (default value: 'NPM_TOKEN') that contains the name of the environment variable with the bearer token for authentication with the private repo (the address of the repository is defined in the configuration variable 'registry' - default value 'https://registry.npmjs.org/').

Would this solve the issue?

If have made a little test that showed that we can always set the authentication header as the public npm repository simply ignores this header. Unfortunately I don't have access to a private npm repository so that I cannot test this feature.

BePo65 commented 2 years ago

Fixed in next release based on pr #65.