Installing private node package from Bitbucket changing its codeline in package.json

w3fo commented 9 months ago

Verify latest release

[X] I verified that the issue exists in the latest pnpm release

pnpm version

8.10.5

Which area(s) of pnpm are affected? (leave empty if unsure)

Lockfile

Reproduction steps

I have a private node package on bitbucket which is loading with an app-password in package.json, so it will also work with deployment pipelines:

{
  "dependencies": {
    "my-package": "git+https://<bitbucket-user>:<bitbucket-app-password>@bitbucket.org/my-workspace/my-package.git"
  }
}

Describe the Bug

It runs as expected and loads the package but everytime I run an update/install locally it changes the line into

{
  "dependencies": {
    "my-package": "bitbucket:my-workspace/my-package",
  }
}

I assume this happens because of me having a git ssh connection to bitbucket. The second one still works locally but breaks when I am deploying. Now everytime I want to deploy I have to change the codeline back by hand and delete the pnpm-lock.yaml file.

Expected Behavior

Leaving the codeline as it is.

Which Node.js version are you using?

18.17.1

Which operating systems have you used?

[ ] macOS
[X] Windows
[ ] Linux

Lauriy commented 8 months ago

Started happening to our builds & local updating a few days ago. Have to manually go over pnpm-lock.yml and add git@ and change resolution from tarball to type: git. Otherwise it's this: ERR_PNPM_FETCH_403 No authorization header was set for the request.

JonathanIcon commented 6 months ago

I am experiencing the same issue using the latest version of pnpm on Windows

sate99 commented 3 months ago

I'm also experiencing the same issue using the latest version of pnpm (8 and 9).

pnpm / pnpm