Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot use private npm registry for all npm manifest files in monorepo #6490

Closed
1 task done
brentufkes opened this issue Jan 20, 2023 · 1 comment
Closed
1 task done

Cannot use private npm registry for all npm manifest files in monorepo #6490

brentufkes opened this issue Jan 20, 2023 · 1 comment
Labels
L: javascript:npm npm packages via npm T: bug 🐞 Something isn't working

Comments

@brentufkes
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

npm

Package manager version

npm

Language version

Node 18

Manifest location and content before the Dependabot update

/service-1
/service-2
/service-...
/service-n

dependabot.yml content

No response

Updated dependency

No response

What you expected to see, versus what you actually saw

I am using private packages on https://registry.npmjs.org/ and attempting to leverage Dependabot to perform updates for me. Given the directory attribute only supports a string, this does not work well with monorepos where you have a large number of manifest files spread across the repository. I expected some sort of global definition of allowing the all my instances of npm manifests to pull from a private repo

Expected:

updates:
  - package-ecosystem: "npm"
    directory: 
      - "/"
      - "/service-1"
      - "/service-2"
      -" /service-..."
      - "/service-n"
    registries:
      - npm-npmjs
...

or even better yet:

updates:
  - package-ecosystem: "npm"
    directory: 
      - "*"           # Denoting all  npm packages can use the credentials for the private repository
    registries:
      - npm-npmjs
...

Workaround:
To actually achieve this, it just requires the duplication of a number of attributes, and looks something like this:

registries:
  npm-npmjs:
    type: npm-registry
    url: https://registry.npmjs.org/
    token: ${{secrets.MY_PERSONAL_NPM_TOKEN}}
    replaces-base: true
updates:
  - package-ecosystem: "npm"
    directory: "/service-1"
    registries:
      - npm-npmjs
    schedule:
      interval: "daily"
  - package-ecosystem: "npm"
    directory: "/service-2"
    registries:
      - npm-npmjs
    schedule:
      interval: "daily"
  - package-ecosystem: "npm"
    directory: "/service-..."
    registries:
      - npm-npmjs
    schedule:
      interval: "daily"
  - package-ecosystem: "npm"
    directory: "/service-n"
    registries:
      - npm-npmjs
    schedule:
      interval: "daily"
```

### Native package manager behavior

_No response_

### Images of the diff or a link to the PR, issue, or logs

_No response_

### Smallest manifest that reproduces the issue

_No response_
@brentufkes brentufkes added the T: bug 🐞 Something isn't working label Jan 20, 2023
@deivid-rodriguez
Copy link
Contributor

I think this is essentially a duplicate #2824. Let me know if I didn't get that right!

@deivid-rodriguez deivid-rodriguez closed this as not planned Won't fix, can't repro, duplicate, stale Jan 20, 2023
@jeffwidman jeffwidman added the L: javascript:npm npm packages via npm label Jan 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
L: javascript:npm npm packages via npm T: bug 🐞 Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jeffwidman @deivid-rodriguez @brentufkes