Can't publish to npm registry: need auth

I’m attempting to locally publish a versioned angular application for consumption by another maven-based project, but I can’t seem to get the package to publish. I following the steps at npm packages in the Package Registry.

So, my project is located at

As instructed by the article above, I created an .npmrc with the following. I have to say, it makes no sense why I’m creating this file since it’s just overwritten in the next step.


Now, configure .gitlab-ci.yml to publish with the creation of a tag.

image: node:16.10.0

    - build
    - node
    - node_modules

  - build
  - test
  - deploy

  stage: build
    - npm install --force
    - npm run build
    - node

  stage: deploy
    - echo "//${CI_SERVER_HOST}:${CI_SERVER_PORT}/api/v4/projects/${CI_PROJECT_ID}/packages/npm/:_authToken=${CI_JOB_TOKEN}">.npmrc
    - cat .npmrc
    - npm publish
    - node
    - tags

And of course package.json:

  "name": "@products/base",
  "version": "1.0.0",

This errors, however:

$ echo "//${CI_SERVER_HOST}:${CI_SERVER_PORT}/api/v4/projects/${CI_PROJECT_ID}/packages/npm/:_authToken=${CI_JOB_TOKEN}">.npmrc
$ cat .npmrc
$ npm publish
npm notice 
npm notice package: @products/base@1.0.0
npm notice === Tarball Contents ===    
npm notice ..... bunch of files
npm notice 3.6kB   package.json                                                                              
npm notice === Tarball Details === 
npm notice name:          @products/base                    
npm notice version:       1.0.0                                   
npm notice filename:      @products/base-1.0.0.tgz          
npm notice package size:  8.6 MB                                  
npm notice unpacked size: 24.1 MB                                 
npm notice shasum:        fc3ba49c2716198189198189fb50fccff9f87db54
npm notice integrity:     sha512-zDw6566xc8G[...]648qA6UKsMw8g==
npm notice total files:   938                                     
npm notice 
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2023-07-11T20_51_15_924Z-debug.log

I have the package registry turned on in the project settings:


Any ideas?

Add to your package.json

"publishConfig": {
    "@products:registry": ""

Doesn’t that defeat the dynamic nature of using CI_SERVER_HOST, CI_SERVER_PORT, and CI_PROJECT_ID?

It seems that the recommended configuration provided by the documentation is wrong. If using .npmrc, this is what’s needed:

    - echo "@products:registry=http://${CI_SERVER_HOST}:${CI_SERVER_PORT}/api/v4/projects/${CI_PROJECT_ID}/packages/npm/">.npmrc
    - echo "//${CI_SERVER_HOST}:${CI_SERVER_PORT}/api/v4/projects/${CI_PROJECT_ID}/packages/npm/:_authToken=${CI_JOB_TOKEN}">>.npmrc

No, why would you need to have a dynamic value in package.json which is always bound to a single repository?
Having it in a CI could be useful if you want to re-use the CI for multiple repositories, but there is no difference if you do it with variables or just write it there.