如何调试'npm ERR!403 在大多数情况下,您或您的依赖项之一正在请求您的安全策略禁止的包版本. [英] How to debug 'npm ERR! 403 In most cases, you or one of your dependencies are requesting a package version that is forbidden by your security policy.'
问题描述
我目前正在尝试建立一个 Jenkins 和一个私有 npm 存储库(Sonatype Nexus).当我尝试在 Jenkins 构建管道中发布到存储库时出现以下错误.
I am currently trying to set up a Jenkins and a private npm repository (Sonatype Nexus). I get the following error when I try to publish to the repository within a Jenkins build pipeline.
+ npm publish --registry https://<my-private-registry>/repository/npm-private/
npm notice
npm notice package: ts-acoustics@0.0.0
npm notice === Tarball Contents ===
npm notice 2.4kB Jenkinsfile
...
('notice' level info about the files)
...
npm notice === Tarball Details ===
npm notice name: ts-acoustics
npm notice version: 0.0.0
npm notice package size: 13.8 kB
npm notice unpacked size: 47.5 kB
npm notice shasum: 554b6d2b41321d78e00f6a309bb61c9181a2e3d6
npm notice integrity: sha512-QtExdu6IqZ+lH[...]r+HXolo4YCFPg==
npm notice total files: 17
npm notice
npm ERR! code E403
npm ERR! 403 403 Forbidden - PUT https://<my-private-registry>/repository/npm-private/ts-acoustics
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy.
我在 Nexus 日志和 这个开放的 GitHub 错误 告诉我上面的错误文本在大多数情况下都指向错误的方向?!
I find no further info about why it is forbidden in the Nexus logs and this open GitHub bug tells me that the above error text is leading in the wrong direction in most of the cases?!
知道如何继续进行发布工作吗?!
Any idea of how to proceed to make publishing work?!
更新 1:我刚刚看到我在尝试手动发布时遇到了同样的问题!因此出于简单原因,Jenkins 不在等式中.
Update 1: I just saw that I have the same problem when I try to publish it manually! So Jenkins is out of the equation for simplicity reasons.
更新 2: 我可以做到 npm adduser --registry... 并且 npm 告诉我
Update 2: I can do npm adduser --registry... and npm tells me
Logged in as <my-user> on https://<my-private-registry>/repository/npm-private/.
当我执行 npm whoami --registry... 时,它会显示正确的用户名.
When I do npm whoami --registry... it displays the correct user name.
当我在项目中执行 npm publish --registry... 时,它会显示 403 错误
When I do npm publish --registry... in the project, it shows the 403 Error
推荐答案
如何调试:
正如您从所有答案中看到的那样,有很多事情会导致相同的失败消息.以下是您可以找到根本原因的方法:
As you can see by all the answers, there are a lot of things that result in the same failure message. Here is how you can find your root cause:
在 Nexus 存储库管理器中 ->菜单项记录"
在那里,您可以简单地更改 Nexus 在运行时包含的每个 java 包的日志级别.
In the Nexus Repository Manager -> menu entry "Logging"
There you can simply change the log level for each java package Nexus consists of at runtime.
更改包的所有日志级别,包括安全";或休息";TRACE 并再次触发您的请求.
Change all LogLevels for packages including "security" or "rest" to TRACE and trigger your request again.
在 LogViewer(也是 Nexus 的一部分)中,您现在有望看到所有必要的信息来了解问题.
In the LogViewer (also part of Nexus) you can hopefully see all the necessary information to understand the problem now.
就我而言,我必须将 nx-repository-view-*-*-edit 权限添加到我为 Jenkins 用来登录 Nexus 的用户创建的角色中.我认为 nx-repository-view-*-*-add 足以发布.
In my case, I had to add the nx-repository-view-*-*-edit privilege to the role I had created for the user that Jenkins uses to login to Nexus. I thought nx-repository-view-*-*-add is enough to publish.
希望对你有帮助!
这篇关于如何调试'npm ERR!403 在大多数情况下,您或您的依赖项之一正在请求您的安全策略禁止的包版本.的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
