如何调试npm ERR!403在大多数情况下,您或您的一个依赖项正在请求安全策略禁止的软件包版本. [英] How to debug 'npm ERR! 403 In most cases, you or one of your dependencies are requesting a package version that is forbidden by your security policy.'
问题描述
我目前正在尝试建立一个Jenkins和一个私有npm存储库(Sonatype Nexus).当我尝试发布到Jenkins构建管道中的存储库时,出现以下错误.
I am currently trying to set up a Jenkins and a private npm repository (Sonatype Nexus). I get the following error when I try to publish to the repository within a Jenkins build pipeline.
+ npm publish --registry https://<my-private-registry>/repository/npm-private/
npm notice
npm notice package: ts-acoustics@0.0.0
npm notice === Tarball Contents ===
npm notice 2.4kB Jenkinsfile
...
('notice' level info about the files)
...
npm notice === Tarball Details ===
npm notice name: ts-acoustics
npm notice version: 0.0.0
npm notice package size: 13.8 kB
npm notice unpacked size: 47.5 kB
npm notice shasum: 554b6d2b41321d78e00f6a309bb61c9181a2e3d6
npm notice integrity: sha512-QtExdu6IqZ+lH[...]r+HXolo4YCFPg==
npm notice total files: 17
npm notice
npm ERR! code E403
npm ERR! 403 403 Forbidden - PUT https://<my-private-registry>/repository/npm-private/ts-acoustics
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy.
在Nexus日志和此GitHub公开错误告诉我,在大多数情况下,上述错误文本导致的方向错误?!
I find no further info about why it is forbidden in the Nexus logs and this open GitHub bug tells me that the above error text is leading in the wrong direction in most of the cases?!
关于如何继续进行发布工作的任何想法?!
Any idea of how to proceed to make publishing work?!
更新1:我只是在尝试手动发布时遇到了同样的问题!因此,出于简单性原因,Jenkins不在考虑之列.
Update 1: I just saw that I have the same problem when I try to publish it manually! So Jenkins is out of the equation for simplicity reasons.
更新2:我可以执行 npm adduser --registry ... ,npm告诉我
Update 2: I can do npm adduser --registry... and npm tells me
Logged in as <my-user> on https://<my-private-registry>/repository/npm-private/.
当我执行 npm whoami --registry ... 时,它会显示正确的用户名.
When I do npm whoami --registry... it displays the correct user name.
当我在项目中进行 npm publish --registry ... 时,它显示403错误
When I do npm publish --registry... in the project, it shows the 403 Error
推荐答案
发现了问题!当我要求调试此方法时...这是我所做的:
Found the problem! As I asked for an approach to debug this...here is what I did:
重要的一点是找到菜单条目日志记录"(Logging).在Nexus存储库管理器中.在那里,您只需更改Nexus组成的每个Java程序包的日志级别.
The important point was finding the menu entry "Logging" in the Nexus Repository Manager. There you can simply change the log level for each java package Nexus consists of.
我只是更改了软件包的所有LogLevel,包括"security"或休息"到TRACE,并再次触发了发布请求.现在,在LogViewer(也是Nexus的一部分)中,我看到了所有必要的信息,以了解问题所在.
I simply changed all LogLevels for packages including "security" or "rest" to TRACE and triggered a publish request again. In the LogViewer (also part of Nexus) I now saw all the necessary information to understand the problem.
就我而言,我必须向我为Jenkins用于登录Nexus的用户创建的角色添加 nx-repository-view-*-*-edit 特权.我认为 nx-repository-view-*-*-add 足以发布.
In my case, I had to add the nx-repository-view-*-*-edit privilege to the role I had created for the user that Jenkins uses to login to Nexus. I thought nx-repository-view-*-*-add is enough to publish.
希望有帮助!
这篇关于如何调试npm ERR!403在大多数情况下,您或您的一个依赖项正在请求安全策略禁止的软件包版本.的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
