NPM-在 config 中替换 env 失败: ${ NPM_TOKEN }

我正在尝试构建一个反应应用程序,但是当我执行命令 npm -i时,它会给我以下错误:

Error: Failed to replace env in config: ${NPM_TOKEN}
at /usr/local/lib/node_modules/npm/lib/config/core.js:415:13
at String.replace (<anonymous>)
at envReplace (/usr/local/lib/node_modules/npm/lib/config/core.js:411:12)
at parseField (/usr/local/lib/node_modules/npm/lib/config/core.js:389:7)
at /usr/local/lib/node_modules/npm/lib/config/core.js:330:24
at Array.forEach (<anonymous>)
at Conf.add (/usr/local/lib/node_modules/npm/lib/config/core.js:328:23)
at ConfigChain.addString (/usr/local/lib/node_modules/npm/node_modules/config-chain/index.js:244:8)
at Conf.<anonymous> (/usr/local/lib/node_modules/npm/lib/config/core.js:316:10)
at /usr/local/lib/node_modules/npm/node_modules/graceful-fs/graceful-fs.js:78:16
/usr/local/lib/node_modules/npm/lib/npm.js:61
throw new Error('npm.load() required')
^


Error: npm.load() required
at Object.get (/usr/local/lib/node_modules/npm/lib/npm.js:61:13)
at process.errorHandler (/usr/local/lib/node_modules/npm/lib/utils/error-handler.js:205:18)
at process.emit (events.js:182:13)
at process._fatalException (internal/bootstrap/node.js:448:27)

我正在使用 MacOS High Sierra,我试图用以下命令将 NPM _ TOKEN 设置为一个环境变量:

set -x NPM_TOKEN = xyz

但是没用。 有什么问题吗?

146933 次浏览
小开

For people on Ubuntu coming from google:

  • nano ~/.bash_aliases
  • export NPM_TOKEN="PUT_YOUR_TOKEN_HERE"
  • CTRL+X to exit
  • Y to save
小开
最佳答案

First Possible Solution:

Simple Solution: rm -f ./.npmrc (Deleting a .npmrc file)

Second Possible Solution:

However if you don't want to delete the file, you can simply remove this line of code in the .npmrc file.

Line of Code: //registry.npmjs.org/:_authToken=${NPM_TOKEN} (Remove this code)

Third Possible Solution

Worst case scenario:

  • nano ~/.bash_aliases or nano ~/.bash_profile
  • add export NPM_TOKEN="XXXXX-XXXXX-XXXXX-XXXXX"
  • CTRL + X to exit
  • Y to save
小开

If you just set your ~/.profile for the first time (OSX, Ubuntu) and added this line: export NPM_TOKEN="XXXXX-XXXXX-XXXXX-XXXXX". Then you must enter this line to the terminal afterward:

source ~/.profile
小开

Actually proper solution

Update your CI deployment configuration:

npm config set '//registry.npmjs.org/:_authToken' "${NPM_TOKEN}"
npm publish

Remove this line from the .npmrc file:

//registry.npmjs.org/:_authToken=${NPM_TOKEN}

Example build config

You can see this solution used in practice in one of my GitHub repositories: https://github.com/Jezorko/lambda-simulator/blob/5882a5d738060c027b830bcc2d58824c5d27942b/.github/workflows/deploy.yml#L26-L27

The encrypted environment variable is an NPM token.

Why the other "solutions" are mere workarounds

I've seen answers here and under this question that recommend simply removing the variable setting line or .npmrc file entirely.

Thing is, the .npmrc file might not be ignored by your VCS system and modifying it might lead to accidental pushes to your project's repository. Additionally, the file may contain other important settings.

The problem here is that .npmrc does not allow defaults when setting up environment variables. For example, if the following syntax was allowed, the issue would be non-existent:

//registry.npmjs.org/:_authToken=${NPM_TOKEN:-undefined}

小开

I have an easy solution to this issue. After you set your NPM_TOKEN globally into your environment then replace

//registry.npmjs.org/:_authToken=${NPM_TOKEN}

with

//registry.npmjs.org/:_authToken=$NPM_TOKEN

It's worked well for me on macOS Catalina.

小开

Running npm install in an IDE (like WebStorm) was my problem. I added the NPM_TOKEN environment variable to .bash_profile and restarted my Terminal, but not my IDE! The IDE did not pick up the changes to the environment until I restarted it as well.

小开

The following worked for me. I had to place

export NVM_DIR="$HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm
[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"  # This loads nvm bash_completion

AFTER the line where i specify

export NPM_TOKEN='mytoken'
小开

Im my case moving the export of the token inside my .zsh (or .bash_profile) to the top of the file fixed the problem because it has been initialised too late before.

小开

https://www.runoob.com/linux/linux-shell-variable.html replace

'//registry.npmjs.org/:_authToken=${NPM_TOKEN}'

with

'//registry.npmjs.org/:_authToken='${NPM_TOKEN}
小开

I am also getting this problem but I find a solution when I am pushing my repo on Heroku so I notice that Heroku run the command react-script start or build

//registry.npmjs.org/:_authToken=${NPM_TOKEN}

so this syntax didn't give the error but when I use the same syntax in my system and run the command it gives me. Because usually when we run in our system we use cmd npm or yarn but if you use react-script then it will not gives an error

小开

I got this issue while trying to setup a CI/CD job in Gitlab. I eventually found out that the error was caused because the variable that was throwing the error was set to a protected variable.

I changed it under Settings > CI / CD > Variables.

小开

On Windows while using git bash, setting a regular Windows environment variable worked for me. This answer helped setting an environment variable in Git Bash

小开

In case of windows and visual studio code - just restart your visual studio, it helps.

Also, how to set this environment variable on windows?

open Registry Editor, and follow \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment, and create there another one "string value" with your token or whatever you need.

小开

For mac

vim ~/.bash_profile

add export NPM_TOKEN=XXXXX-XXXXX-XXXXX-XXXXX

source ~/.bash_profile

also, add the below entry in the .zshrc file to apply the profile when a new terminal tab/window is opened.

if [ -f ~/.bash_profile ]; then
. ~/.bash_profile
fi
小开

I fixed it by setting NPM_TOKEN=""

In github action, i set the env:

jobs:
build:
runs-on: ubuntu-latest
env:
NPM_TOKEN: ""
# ....
小开

Using AWS CODEARTIFACT

If you use docker, you need to add this to your Dockerfile

...
ARG CODEARTIFACT_AUTH_TOKEN
...
RUN export CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN
RUN npm i
...

This is the .npmrc file

registry=https://sidanmor-codeartifact-main-112233.d.codeartifact.eu-west-1.amazonaws.com/npm/js-utils/
//https://sidanmor-codeartifact-main-112233.d.codeartifact.eu-west-1.amazonaws.com/npm/js-utils/:always-auth=true
//https://sidanmor-codeartifact-main-112233.d.codeartifact.eu-west-1.amazonaws.com/npm/js-utils/:_authToken=${CODEARTIFACT_AUTH_TOKEN}
registry=http://registry.npmjs.org

And the build command will be:

docker build --build-arg CODEARTIFACT_AUTH_TOKEN=xxxyyyzzz . --tag my-tag
小开

you can also replace the ${NPM_TOKEN} with your own GitHub generated personal token

小开

For anyone using npm-run-all running into this issue that:

  • Doesn't want to remove or modify their .npmrc file (because the syntax is actually ok)
  • Doesn't want to add the variable in question into their shell profile
  • Doesn't want to set the variable before every single script as "build": "NPM_TOKEN=... ..."

I found that when using npm-run-all any scripts using run-p or run-s that use other scripts (either directly or indirectly) that use the form npm run <SCRIPT> will parse the .npmrc configuration file, which in turn will cause errors if variables are not set.

To fix this, all you need to do is convert any scripts that are used, directly or indirectly by scripts using run-s or run-p to use run-s

Let's take this as an example:

...
"scripts": {
"dev": "run-s build*",
"build:js": "...",
"build:css": "...",
"predev": "npm run clean",
"clean": "rm -rf ./dist ./build"
}
...

Although this script does not call predev directly, it will be run before dev and this will cause configuration to be read, throwing the error

Instead, change it as follows:

...
"scripts": {
"dev": "run-s build*",
"build:js": "...",
"build:css": "...",
"predev": "run-s clean",
"clean": "rm -rf ./dist ./build"
}
...

where predev now uses run-s instead of npm run


提交答案