Tips for troubleshooting 'npm ERR! 403: The requested package version is not permitted by your security policy. Typically, this issue arises when you or one of your dependencies are attempting to access a restricted package version.'

Currently, I am in the process of setting up a Jenkins and a private npm repository called Sonatype Nexus. I am encountering an error when attempting to publish to the repository within a Jenkins build pipeline.

+ npm publish --registry https://<my-private-registry>/repository/npm-private/
npm notice 
npm notice package: <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="4531366824262a3036312c263605756b751b75">[email protected]</a>
npm notice === Tarball Contents === 
npm notice 2.4kB  Jenkinsfile                       
...
('notice' level info about the files)
...
npm notice === Tarball Details === 
npm notice name:          ts-acoustics                            
npm notice version:       0.0.0                                   
npm notice package size:  13.8 kB                                 
npm notice unpacked size: 47.5 kB                                 
npm notice shasum:        554b6d2b41321d78e00f6a309bb61c9181a2e3d6
npm notice integrity:     sha512-QtExdu6IqZ+lH[...]r+HXolo4YCFPg==
npm notice total files:   17                                      
npm notice 
npm ERR! code E403
npm ERR! 403 403 Forbidden - PUT https://<my-private-registry>/repository/npm-private/ts-acoustics
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy.

No further information is available in the Nexus logs about why this operation is forbidden. I came across this GitHub bug report, indicating that the error message provided may not be accurate most of the time.

Any suggestions on how to proceed to successfully publish the package?

Update 1: Upon manual publishing, I encountered the same issue! Hence, for simplicity reasons, I have ruled out Jenkins as the root cause.

Update 2: I tried npm adduser --registry... and received the following response from npm:

Logged in as <my-user> on https://<my-private-registry>/repository/npm-private/.

Upon executing npm whoami --registry..., the correct username is displayed.

However, when I run npm publish --registry... within the project, the 403 Error persists.

typescriptnpmjenkins-pipelinenexus

Answer №1

For those of us who are in a similar situation to me, working through the Node Cookbook tutorial or another tutorial that involves creating a new account, you may encounter the same issue I did.

In my case, I realized that I had not gone through the email verification process, which resulted in the error. After verifying my email address, the issue was resolved, even when using a VPN.

Be sure to check your email and complete the account verification process.

Answer №2

In two specific situations, this issue tends to arise:

  1. An error could occur due to a *conflicting package that is public. To resolve this, simply update the name of the package in the package.json and attempt the process again!

  2. If you recently registered and forgot to verify your email, access this link: https://www.npmjs.com/login

    On the top of the page, there will be an option to send a verification link to your email address. After completing the verification process, attempt the publication again.

Note: Solution 2) personally worked for me.

Answer №3

By simply updating the PACKAGE-VERSION during the publishing process, I was able to resolve the problem successfully.

https://i.sstatic.net/QNKn6.png

Answer №4

Encountered a similar issue when trying to upload to JFrog Artifactory. The error occurred due to a package with the same name already existing in the repository. To resolve this, you can either remove the existing package or modify the version/name of the new package.

Answer №5

Methods for troubleshooting:

There are numerous factors that can lead to the same error message, as evidenced by the various responses. Here are steps you can take to pinpoint the underlying issue:

Within the Nexus Repository Manager, go to the "Logging" menu option. Here, you can adjust the log level for each java package within Nexus in real-time.

Update the LogLevels for packages containing "security" or "rest" to TRACE and reattempt your request.

Utilize the LogViewer within Nexus to hopefully gather all the necessary details to comprehend the problem.

In my scenario, it was necessary to assign the nx-repository-view-*-*-edit privilege to the role assigned to the user utilized by Jenkins for Nexus login. Initially, I believed having nx-repository-view-*-*-add was adequate for publishing.

I trust this information proves to be beneficial!

Answer №6

Encountering a similar issue, I discovered a solution by modifying the package name within the package.json file. It's crucial to ensure that you also update the version number each time you publish if there is already a version released.

Answer №7

If you encounter an error, it could be because of a conflicting public package. Simply modify the package name in the package.json file and give it another shot!

Answer №8

I encountered an error and was able to fix it by modifying the package name in the package.json file.

{ "name": "digi-clock", "version": "1.0.0",}

Update the value of the "name" field.

Answer №9

Dealing with the NPM ERR! 403 problem was a headache for me too, but I managed to solve it by simply disconnecting from all VPN connections.

Answer №10

Encountering a problem, I discovered that I mistakenly attempted to utilize a read-only access token to publish a package. To resolve this issue, I generated a new access token within the settings section under account and access tokens.

Answer №11

The reason for my issue was traced back to a specific AWS WAF rule identified as EC2MetaDataSSRF_BODY.

Answer №12

It's interesting how updating to the newest git version fixed the problem for everyone experiencing it in my company, even though I'm not sure why that would be the case 🤔

Answer №13

After updating npm from v6 to v8, I was able to resolve the issue. The previous package-lock structure contained outdated registry paths for certain packages, which caused the problem.

Answer №14

For me, the problem stemmed from a npm registry/mirror glitch.

If you have set up any registry/mirror, consider resetting it,

npm config set registry https://registry.npmjs.org/

followed by npm login/npm adduser

Answer №15

Upon visiting the tarball URL that was triggering the 403 error, I discovered the following message:

Unfortunately, you are unable to download this repository due to its size exceeding the limit. Please navigate back to the downloads page or check the repository overview.

After numerous attempts using SSH keys, access tokens, .npmrc, and manually modifying the lockfile, it became clear that my Bitbucket repository had simply surpassed the 2 GB mark.

Answer №16

If you encounter a similar issue with Docker, ensure that you upgrade your npm to the most recent version within your Dockerfile: 

RUN ["npm", "install", "-g", "npm@latest"]
, prior to executing any npm install commands.

Answer №17

Logging in to NPM via the command line really made a difference for me when it came to publishing my project.

npm login

npm publish

Don't forget to bump up the version number before publishing!

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

The variable 'data' is not a property of the type 'any[]'

I am currently facing an issue with a dummy service I created to fetch dummy data. When calling this service from a component ts file, I encountered the following error. After searching through some similar posts, I still haven't been able to resolve ...

angulartypescript

encountering a problem with npm while trying to execute the project

Encountering a persistent issue when attempting to run my project with npm start, even after downgrading my node version. Despite trying various solutions found on platforms like stackoverflow and stackexchange, such as deleting the node_modules folder, ru ...

javascriptnode.jsreactjsnpmnode-modules

Make sure all global NPM packages are up to date while also updating any linked

After linking a local package globally with npm link, I encountered an issue when trying to update my globally installed packages. The error message that appeared was: $ npm update -g npm ERR! code E404 npm ERR! 404 Not Found - GET https://registry.npmjs.o ...

npm

npm is failing to detect my virtual environment

Currently, I am working on a React app with Flask as the backend and I'm following this informative guide. In the article, the writer adds a custom npm script to start the Flask app. Following his steps, I executed 'npm run start-api' but en ...

node.jsjsonreactjsflasknpm

Tips on obtaining the current date format (e.g. dd/mm/yyyy or mm/dd/yyyy) on the client side

I am currently working with the datepicker control, and I need to adjust the date format based on my browser's settings - either dd/mm/yyyy or mm/dd/yyyy. For example: if my browser date is 22/06/2019, then I should use "dd/MM/yyyy" format in the dat ...

angulartypescript

I am having trouble locating my source code within the Typescript module

My issue lies with a file called Server.js, which holds the code for export class Program and includes <reference path='mscorlib.ts'/>. However, when I compile it using the command: tsc -t ES5 Server.ts --module commonjs --out Server.js T ...

node.jstypescript

Get the @types definition installed from a forked repository

Background Information I recently made a workaround for a single type definition in my fork of DefinitelyTyped. This fix is located on a specific branch within my fork. It's important to note that this fix is temporary and should not be merged back ...

typescriptnpmyarnpkgdefinitelytyped

Cannot locate a compatible version for @babel/traverse@^7.14.0

After attempting to clone a project and running npm install, I encountered the following error: npm ERR! code ETARGET npm ERR! notarget No matching version found for @babel/traverse@^7.14.0. npm ERR! notarget In most cases you or one of your dependencies a ...

reactjsnpm

What is the best way to restrict the number of iterations in ngFor within Angular HTML

I want to use ngFor to display a maximum of 4 items, but if the data is less than 4, I need to repeat the loop until there are a total of 4 items. Check out this example <img *ngFor="let item of [1,2,3,4]" src="assets/images/no-image.jpg" styl ...

htmlangulartypescript

When utilizing *NgIf, the button will be shown without the accompanying text being displayed

When trying to display either a confirm or cancel button based on a boolean set in my component.ts, I implemented the following code in my HTML: <mat-dialog-actions class="dialog-actions"> <button class="cancel-btn" ...

javascripthtmlcssangulartypescript

Encountering an issue when installing npm due to a Python environment error

gyp ERR! configure error gyp ERR! stack Error: Unable to locate Python executable "C:\Programs\Python2.7\python2.7.exe". Make sure to set the PYTHON environment variable. gyp ERR! stack at PythonFinder.failNoPython (C:\Pro ...

pythonnpmnpm-installweb3py

Is the behavior of passing node-gyp flags to packages the same with yarn's "yarn add package --build-from-source" as it is with npm's "

It appears that yarn does not pass node-gyp flags to native packages in the same way as npm. For instance, when trying to install [email protected] using: npm install <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="186b69 ...

node.jsnpmnode-gypyarnpkg

Verify the occurrence of an element within an array inside of another array

Here is the scenario: const arr1 = [{id: 1},{id: 2}] const arr2 = [{id: 1},{id: 4},{id: 3}] I need to determine if elements in arr2 are present in arr1 or vice versa. This comparison needs to be done for each element in the array. The expected output sho ...

javascriptreactjstypescript

I'm having trouble retrieving the information as it is showing as undefined. Can anyone offer any advice?

Attempting to extract specific information from an API response has proven challenging. Despite my efforts to isolate the desired data, all listed details appear as undefined. import { HttpClient } from '@angular/common/http'; import { Injectable ...

angulartypescript

Retrieving JSON Information in HTML using Angular 4

Is it possible to retrieve specific data from a JSON file in my HTML using Angular 4's MatCellDef? Specifically, I am interested in accessing the FROM, TO, PERCENT, and SUBTRACT values of the RateBands Array. JSON Data Sample: [ { "year ...

htmlarraysjsonangulartypescript

Every time I execute Grunt, I am met with this message: The local npm module "grunt-contrib-copy" cannot be found. Have you installed it?

Struggling to get Grunt up and running here. Every time I try to run grunt, it throws a bunch of warnings at me: Local Npm module "grunt-contrib-copy" not found. Is it installed? Local Npm module "grunt-contrib-uglify" not found. Is it installed? Local ...

node.jsnpmgrunt-contrib-watchgrunt-contrib-uglifygrunt-contrib-copy

Setting up the customized filename for precompiled Handlebars templates

When compiling Handlebars templates with the NPM package, is there a way to manually adjust the name/index that is generated? In my experience using Handlebars in various environments like Rails, NodeJS, and PHP, I've observed that the generated temp ...

javascriptnpmhandlebars.js

Exporting numerous modules from an NPM package

Currently, I am working on a large Node and Typescript project called Project A. This project consists of numerous modules that I intend to reuse in another project, Project B. In order to achieve this reusability, I have configured the tsconfig.json file ...

node.jstypescriptnpmyarnpkgyarn-workspaces

GRUNT can be installed even without the presence of a package.json

npm install -g grunt-cli npm install --save-dev grunt grunt-contrib-concat grunt-contrib-uglify grunt-sass grunt-contrib-less grunt-contrib-watch No package.json file is generated in the directory where I executed those commands. Upon running grunt from ...

node.jsnpmgruntjs

Error message: The database query function is encountering an issue where the property 'relation.referencedTable' is undefined and cannot be accessed

Currently, I am working with two schemas named products.ts and category.ts. The relationship between these files is defined as one-to-many. In the products.ts file: import { pgTable, timestamp, uuid, varchar } from "drizzle-orm/pg-core"; import ...

typescriptpostgresqlrelationshipdrizzledrizzle-orm