Configure Sinopia npm Repository Server to Cache Scoped Packages

If you are working with Node.js Package Manager (npm), you will usually retrieve npm packages from the official registry of npm (https://registry.npmjs.org) and publish own packages there. But in some cases, you might want to keep packages private, such as internal components. For this purpose, you could either go with npm which offers paid plans and on-premises installations of the package registry or you could alternatively decide to run a custom repository server. Sinopia is such a private npm repository server, which in addition acts as a proxy for the official npm package registry and caches downloaded packages. This saves bandwidth and continues to work if the internet connection or the original package registry is down.

npm has a concept of scoped packages, where similar or related packages are grouped together. Angular 2 utilizes this concept in its packages named like @angular/core, with angular being the scope and core being the package name. But if you try to install a scoped package via Sinopia, the installation fails. In the Sinopia logs, you will see an error message similar to:

http <-- 404, user: undefined, req: 'GET [email protected]%2fcompiler', error: no such package available

Here’s how to fix this.

First of all, please make sure that you are running an up-to-date version of Sinopia. Unfortunately, development of Sinopia is ceased since October 2015. The latest version of Sinopia’s package on npm (1.4.0) in addition isn’t on par with Sinopia’s source code on GitHub. Issues and Pull Requests are stacking up. Hence, the npm package sinopia might never see an update again. Thanks to the open-source community, there are several forks that are active. One of them is fl4re’s Sinopia, which you should download and install using npm i sinopia2 -g in case your version is outdated.

Next, open ~/.config/sinopia/config.yaml and look for the following lines:

packages:
  '@*/*':
    # scoped packages
    access: $all
    publish: $authenticated

(If you don’t see those lines, your installation may be outdated or the configuration incomplete. You can compare your state with the default configuration of Sinopia which can be found here.)

The configuration noted above lacks to use the official package registry as a proxy for all scoped packages. This behavior can be easily introduced, by adding the following line:

packages:
  '@*/*':
    # scoped packages
    access: $all
    publish: $authenticated
    proxy: npmjs

If the package can’t be found locally, the request is proxied to the official registry. Finally, make sure your registry setting is correct by calling npm get registry.

Published by

Christian Liebel

Hey there! This is Christian Liebel from Leimersheim, Germany. I’m working at Thinktecture in Karlsruhe. Angular, cross-platform development using Cordova and Electron, Gulp, .NET and Node.js are our day-to-day business. Feel free to contact me anytime.