renovate/renovate
1
0
Fork 0
mirror of https://github.com/renovatebot/renovate.git synced 2025-01-10 22:16:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Merge 266c7773fd into 0b2732a1fe

Browse source
This commit is contained in:
Jon Donovan 2025-01-05 16:52:33 +00:00 committed by GitHub
commit 79b4fd6982
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 14 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
docs/usage/getting-started/private-packages.md
View file

@ -360,8 +360,10 @@ The end-result looks like this:
#### Yarn 2+
Renovate doesn't support reading `npmRegistries` and `npmScopes` from `.yarnrc.yml`, so `hostRules` (or `npmToken`) and `npmrc` should be configured like above.
Renovate updates `npmRegistries` in `.yarnrc.yml` with resolved `hostRules` before running Yarn.
In Yarn 2+, a [.yarnrc.yml](https://yarnpkg.com/configuration/yarnrc) file can be used with to configure npm authentication for private registries via `npmRegistries` or via a top level `npmAuthToken`.
Renovate updates `npmRegistries` in `.yarnrc.yml` with resolved `hostRules` before running Yarn, but does not overwrite `npmAuthToken`.
For Renovate to overwrite existing `npmRegistries` entry, the key should match the `matchHost` minus the protocol (`http:` or `https:`) plus the trailing slash.
For example, the Renovate configuration:
@ -398,6 +400,16 @@ npmRegistries:
npmAuthToken: <Decrypted PAT Token>
```
Thus, to allow for private registries to be used locally via the `NPM_TOKEN` environment variable _and_ with Renovate, your local `.yarnrc.yml` must contain:
```yaml
npmRegistries:
//npm.pkg.github.com/:
npmAuthToken: "${NPM_TOKEN}"
```
### maven
GitLab package registry can be authorized using `Authorization: Bearer <token>`.