Closed Mitchell-Mulder closed 1 year ago
This plug-in defines a direct dependency on npm
in order to avoid mismatches like this. The dependency has not yet been updated to use npm
v9.
If you are finding that npm is being used from your environment rather than the one installed into node_modules at runtime, that is a bug. Would you be willing to investigate why that command is not using the proper version?
Considering that execa
is correctly provided with the preferLocal
flag, the most likely situation you have is that another one of your dependencies is also installingnpm
directly.
Are you running semantic-release
with npx
or installing as a dependency? If installing as a dependency, try checking for other instances with npm ls npm
after further investigation, this situation should only be present if you are using the legacy (less secure) auth option. if you switch to using modern token auth, this problem would be resolved for you. is there any reason that is not an option for you, @Mitchell-Mulder?
For now, you can run the npm config fix command right before you release
sh 'npm config fix'
sh 'yarn release'
For now, you can run the npm config fix command right before you release
our dependence on npm has already been updated to npm v9, but that came with the removal of support for legacy auth. if your project is still using legacy auth, you should migrate to token auth instead
npm recently released v9 which includes some breaking changes in which the legacy authentication types have been consolidated into “legacy”, making the auth-type default to “web”.
JFrog has an article describing the change https://jfrog.com/knowledge-base/artifactory-changes-to-the-login-behavior-in-npm-v9/.
I'm getting the error below using
npm@9.1.1
Can the
.npmrc
setup be modified to support npm v9?