Skip to main content

.npmrc Frequently Asked Questions

The .npmrc file is a configuration file used by the npm package manager. It allows you to customize various aspects of npm's behavior, such as setting registry URLs, specifying authentication tokens, defining proxy settings, and more.

The scope of using the .npmrc file is to provide a way to configure npm on a per-project or per-user basis. This means that you can have different configurations for different projects or users, allowing you to control how npm behaves in each specific context.

By using the .npmrc file, you can:

  • Set the registry URL to use a different package registry, such as a private registry or a mirror.
  • Define authentication tokens to access private packages or registries.
  • Specify proxy settings to route npm requests through a proxy server.
  • Set various other configuration options like package caching, package installation behavior, and more.

Overall, the .npmrc file gives you fine-grained control over npm's behavior, allowing you to tailor it to your specific needs for each project or user.

Exhaustive documentation can be found at: https://docs.npmjs.com/cli/configuring-npm/npmrc

info

The following section will cover one of many possible configuration and usages of the .npmrc file.
The examples below are not exhaustive, but rather provide a way to get started.

Using an npm token locally

To use the .npmrc file locally for the DHL User Interface Library code (which is a private package), you can follow these steps:

  1. Create a new .npmrc file in the root directory of your project if it doesn't already exist.

  2. Add the following line to the .npmrc file, replacing @dhl-official with your actual scope name:

    @dhl-official:registry=https://registry.npmjs.com/

    This tells npm to use the default registry for your scoped packages.

  3. The DHL User Interface Library is a private package, which means you'll need to add authentication credentials into a .npmrc file.

    For example, if you're using a private registry that requires an access token, you can add the following line to the .npmrc file:

    //registry.npmjs.org/:_authToken=abc123

    Replace abc123 with your actual access token (to see how you can get an access token, visit Getting started with code).

  4. Install your scoped package using the npm install command as you normally would. Npm will use the configuration in the .npmrc file to determine where to download the package from and how to authenticate if necessary.

By following these steps, you can use the .npmrc file to configure npm to download and install your scoped private package from a private registry, while also providing any necessary authentication credentials.

Using an npm token in Jenkins

  1. Open your Jenkins instance and navigate to the job configuration page.
  2. In the "Build Environment" section, add a new "Secret text" credential with the npm token you received earlier.
  3. In the "Build" section, add a new "Execute shell" or "Execute Windows batch command" build step.
  4. In the command input, add the following line to authenticate with npm using the token:
echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > .npmrc

Replace ${NPM_TOKEN} with the variable name you used for the "Secret text" credential.

  1. Save the job configuration and run a build to test the npm token authentication.

Using an npm token in Azure Pipelines (yaml)

Configure Azure Pipelines to use the npm token

  1. Open your Azure DevOps project and navigate to the "Pipelines" section.
  2. Click on "Library" in the left sidebar and then click on "New variable group".
  3. Name the variable group and add a new variable named "NPM_TOKEN" with the value of the npm token you generated earlier. Save the variable group.
  4. Edit your pipeline YAML file and add the following lines to authenticate with npm using the token:
variables:
  - group: YourVariableGroupName

steps:
  - script: echo "//registry.npmjs.org/:_authToken=$(NPM_TOKEN)" > .npmrc
    displayName: 'Authenticate with npm'

Replace YourVariableGroupName with the name of the variable group you created earlier.

  1. Save the pipeline configuration and run a build to test the npm token authentication.

Using an npm token in Azure Pipelines (classic)

To add an .npmrc file to your classic Azure Piplines build, follow these steps:

  1. Open your Azure DevOps project and navigate to the "Pipelines" section.
  2. Click on the pipeline you want to configure.
  3. Click on "Edit" to open the pipeline editor.
  4. Click on the "Tasks" tab and then click on the "+" button to add a new task.
  5. Search for "npm" in the task catalog and select the "npm" task.
  6. Configure the task with the following settings:
    • Command: "custom"
    • Working Directory: "$(System.DefaultWorkingDirectory)"
    • Custom Command: "config set //registry.npmjs.org/:_authToken $(NPM_TOKEN)"
  7. Click on the "+" button to add another task.
  8. Search for "npm" in the task catalog and select the "npm" task.
  9. Configure the task with the following settings:
    • Command: "custom"
    • Working Directory: "$(System.DefaultWorkingDirectory)"
    • Custom Command: "install"
  10. Save the pipeline configuration and run a build to test the npm token authentication.

Note: You need to add the "NPM_TOKEN" variable to your pipeline variables in order for the above to work.