npm install 403
I experience an issue when using personal access tokens with a private NPM repository in GitLab. The issue occurs in GitLab CI.
Personal Access Token 1 (all permissions checked)
$ npm -v
6.14.4
$ npm config set '//gitlab.vendor.com/api/v4/packages/npm/:_authToken' "-iF_9eLYJkB2a3simuB1"
$ npm install
npm ERR! code E403
npm ERR! 403 403 Forbidden - GET https://gitlab.vendor.com/api/v4/packages/npm/@vendor%2fdanger-bot
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy.
npm ERR! A complete log of this run can be found in:
npm ERR! /[truncated]/.cache/npm/_logs/2020-08-11T11_27_34_150Z-debug.log
Permission Access Token 2 (all permissions checked)
$ npm -v
6.14.4
$ npm config set '//gitlab.vendor.com/api/v4/packages/npm/:_authToken' "k-6PcffgmzNA8Hh4fmSB"
$ npm install
npm WARN saveError ENOENT: no such file or directory, open '/package.json'
npm WARN enoent ENOENT: no such file or directory, open '/package.json'
npm WARN !invalid#1 No description
npm WARN !invalid#1 No repository field.
npm WARN !invalid#1 No README data
npm WARN !invalid#1 No license field.
+ @vendor/danger-bot@1.9.0
updated 1 package and audited 317 packages in 1.648s
12 packages are looking for funding
run `npm fund` for details
found 5 high severity vulnerabilities
run `npm audit fix` to fix them, or `npm audit` for details
Seems to be an issue with the characters in the token?