summaryrefslogtreecommitdiff
path: root/doc/user/packages/npm_registry
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2021-11-10 18:12:35 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2021-11-10 18:12:35 +0000
commit6fd750c19206412cfc52b49a70b56147d839c52f (patch)
tree04607e6c9864c09dd312d6bfc3efe9cc5f81c762 /doc/user/packages/npm_registry
parent26881dd926cfac47c9603d44e8d5a504ab8c4a14 (diff)
downloadgitlab-ce-6fd750c19206412cfc52b49a70b56147d839c52f.tar.gz
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/packages/npm_registry')
-rw-r--r--doc/user/packages/npm_registry/index.md50
1 files changed, 37 insertions, 13 deletions
diff --git a/doc/user/packages/npm_registry/index.md b/doc/user/packages/npm_registry/index.md
index 433c00571be..454be0e52f2 100644
--- a/doc/user/packages/npm_registry/index.md
+++ b/doc/user/packages/npm_registry/index.md
@@ -208,6 +208,15 @@ Then, you can run `npm publish` either locally or by using GitLab CI/CD.
- **GitLab CI/CD:** Set an `NPM_TOKEN` [CI/CD variable](../../../ci/variables/index.md)
under your project's **Settings > CI/CD > Variables**.
+## Working with private registries
+
+When working with private repositories, you may want to configure additional settings to ensure a secure communication channel:
+
+```shell
+# Force npm to always require authentication when accessing the registry, even for GET requests.
+npm config set always-auth true
+```
+
## Package naming convention
When you use the [instance-level endpoint](#use-the-gitlab-endpoint-for-npm-packages), only the packages with names in the format of `@scope/package-name` are available.
@@ -363,6 +372,10 @@ This rule has a different impact depending on the package name:
This aligns with npmjs.org's behavior. However, npmjs.org does not ever let you publish
the same version more than once, even if it has been deleted.
+## `package.json` limitations
+
+You can't publish a package if its `package.json` file exceeds 20,000 characters.
+
## Install a package
npm packages are commonly-installed by using the `npm` or `yarn` commands
@@ -427,22 +440,29 @@ and use your organization's URL. The name is case-sensitive and must match the n
//gitlab.example.com/api/v4/projects/<your_project_id>/packages/npm/:_authToken= "<your_token>"
```
-### npm dependencies metadata
+### npm metadata
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11867) in GitLab Premium 12.6.
> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/221259) to GitLab Free in 13.3.
-
-In GitLab 12.6 and later, packages published to the Package Registry expose the following attributes to the npm client:
-
-- name
-- version
-- dist-tags
-- dependencies
- - dependencies
- - devDependencies
- - bundleDependencies
- - peerDependencies
- - deprecated
+> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/330929) in GitLab 14.5.
+
+The GitLab Package Registry exposes the following attributes to the npm client.
+These are similar to the [abbreviated metadata format](https://github.com/npm/registry/blob/9e368cf6aaca608da5b2c378c0d53f475298b916/docs/responses/package-metadata.md#abbreviated-metadata-format):
+
+- `name`
+- `versions`
+ - `name`
+ - `version`
+ - `deprecated`
+ - `dependencies`
+ - `devDependencies`
+ - `bundleDependencies`
+ - `peerDependencies`
+ - `bin`
+ - `directories`
+ - `dist`
+ - `engines`
+ - `_hasShrinkwrap`
## Add npm distribution tags
@@ -579,6 +599,10 @@ root namespace and therefore cannot be published again using the same name.
This is also true even if the prior published package shares the same name,
but not the version.
+#### Package JSON file is too large
+
+Make sure that your `package.json` file does not [exceed `20,000` characters](#packagejson-limitations).
+
### `npm publish` returns `npm ERR! 500 Internal Server Error - PUT`
This is a [known issue](https://gitlab.com/gitlab-org/gitlab/-/issues/238950) in GitLab