1

I have a Next.js application that is dependent on a npm package that uses an authentication token. I don't want to commit this token to source control.

I created a .env file in the root of my application that contains the token.

.env

DATATABLES_NPM_TOKEN=MYSUPERSECRETTOKEN

I also created a .npmrc file.

.npmrc

@datatables.net:registry=https://npm.datatables.net/  
//npm.datatables.net/:_authToken=${DATATABLES_NPM_TOKEN}

When I run npm install '@datatables.net/[email protected]'
I get a 403 because it cannot find the token.

I then created a file, populate-npmrc.mjs with the following content:

import fs from 'fs-extra';
import path from 'path';
import './envConfig.mjs';
import { fileURLToPath } from 'url';
import { dirname } from 'path';

const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);

const npmrcPath = path.join(__dirname, '.npmrc');
const token = process.env.DATATABLES_NPM_TOKEN;

if (!token) {
    console.error('DATATABLES_NPM_TOKEN is not defined in the .env file.');
    process.exit(1);
}

const npmrcContent = `
@datatables.net:registry=https://npm.datatables.net/
//npm.datatables.net/:_authToken=${token}
`;

fs.writeFileSync(npmrcPath, npmrcContent.trim());
console.log('.npmrc file has been populated successfully.');

I added a script to the package.json file to execute this file.

My package.json file looks like this:

{
  "name": "prosectus",
  "version": "0.1.0",
  "private": true,
  "scripts": {
    "prepare": "npm run create-npmrc && npm run install-datatables",
    "copy-assets": "node copy-assets.mjs",
    "dev": "npm run copy-assets && next dev --turbopack",
    "build": "npm run copy-assets && next build --turbopack",
    "start": "next start",
    "lint": "eslint",
    "lint:fix": "eslint --fix",
    "create-npmrc": "node populate-npmrc.mjs",
    "install-datatables": "npm install @datatables.net/[email protected] --registry=https://cdn.datatables.net/releases"
  },
  "dependencies": {
    "@next/env": "^15.5.2",
    "bootstrap": "^5.3.8",
    "fs-extra": "^11.3.1",
    "next": "15.5.0",
    "react": "19.1.0",
    "react-dom": "19.1.0"
  },
  "devDependencies": {
    "@eslint/eslintrc": "^3",
    "@types/node": "^20",
    "@types/react": "^19",
    "@types/react-dom": "^19",
    "eslint": "^9",
    "eslint-config-next": "15.5.0",
    "typescript": "^5"
  }
}

The problem I am facing is once npm install is run then "@datatables.net/editor-dt": "^2.4.0", is added to the dependencies. Which is what I want to happen but when another developer pulls this code down, they receive an error running npm install

npm error code E404
npm error 404 Not Found - GET https://registry.npmjs.org/@datatables.net%2feditor-dt - Not found
npm error 404
npm error 404  '@datatables.net/editor-dt@^2.4.0' is not in this registry.
npm error 404
npm error 404 Note that you can also install from a
npm error 404 tarball, folder, http url, or git url.

The populate-npmrc.mjs file is dependent on the fs-extra package. The datatables.net/editor-dt package is dependent on the .npmrc file being created and populated with the authtoken.

Is there a better way to do this?

Improve this question
Related questions
0
Nextjs error : ⨯ [Error: Cannot find module 'next/dist/compiled/babel/code-frame'
1
How to set the registry URL in a project-level .npmrc file from an environment variable in an Azure Pipeline
319
How to Set port in next.js
Load 4 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.