npm / npm-registry-client

http://npm.im/npm-registry-client
ISC License

Insecure tarball URI when publishing package to registry #163

Open Vrtak-CZ opened 7 years ago

Vrtak-CZ commented 7 years ago

Hello, is there any reason for this? https://github.com/npm/npm-registry-client/blob/690d62cef1f063736cdefa21c49aa35eda42973d/lib/publish.js#L98 Our infrastructure with a private npm registry runs only on a secure TLS (HTTPS) connection. So when we try to download a package, it returns an error because NPM/Yarn tries to download it from an insecure URL (because the metadata is "deformed" by this code).

iarna commented 6 years ago

I don't honestly know why this is in there; I presume it's for backwards compatibility with some third party registry. The npm registry products appear to ignore that entirely. You may want to speak with your registry vendor about getting closer compatibility with production npm behavior.
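
A check for the symptom reported in this issue, as an added example that is not part of the thread or of npm-registry-client: it scans registry metadata for versions whose `dist.tarball` is not HTTPS and suggests the HTTPS form only when the host matches the configured registry. The sample packument, the host names and the `auditTarballs` helper are constructed for illustration.

```javascript
'use strict';

// Constructed sample registry metadata; hosts and versions are placeholders.
const base = 'registry.example.internal/example-pkg/-/example-pkg-';
const samplePackument = {
  name: 'example-pkg',
  versions: {
    '1.0.0': { dist: { tarball: 'http://' + base + '1.0.0.tgz' } },
    '1.0.1': { dist: { tarball: 'https://' + base + '1.0.1.tgz' } },
    '1.0.2': { dist: { tarball: 'http://other.example.net/example-pkg-1.0.2.tgz' } },
    '1.0.3': { dist: {} } // tarball field missing entirely
  }
};

// Hypothetical helper: report every version whose tarball would be fetched
// without TLS, or whose tarball URL is missing or unparseable.
function auditTarballs(packument, registryUrl) {
  const registry = new URL(registryUrl);
  const findings = [];
  for (const [version, meta] of Object.entries(packument.versions || {})) {
    const raw = meta && meta.dist && meta.dist.tarball;
    let parsed;
    try {
      parsed = new URL(raw);
    } catch (err) {
      findings.push({ version, tarball: raw, issue: 'missing-or-invalid', suggestion: null });
      continue;
    }
    if (parsed.protocol === 'https:') continue; // already fetched over TLS

    // Suggest an upgrade only for the registry's own host; a tarball on a
    // different host needs a manual decision, not a silent rewrite.
    let suggestion = null;
    if (parsed.protocol === 'http:' && registry.protocol === 'https:' &&
        parsed.hostname === registry.hostname) {
      const fixed = new URL(parsed.href);
      fixed.protocol = 'https:';
      fixed.port = registry.port; // use the registry's TLS port, not the HTTP one
      suggestion = fixed.href;
    }
    findings.push({ version, tarball: raw, issue: 'insecure-scheme', suggestion });
  }
  return findings;
}

for (const f of auditTarballs(samplePackument, 'https://registry.example.internal/')) {
  console.log(f.version, f.issue, f.suggestion || '(no automatic fix)');
}
```
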