I have upgraded Nexus from Sonatype Nexus Repository OSS 3.16.2-01 to Sonatype Nexus RepositoryOSS 3.66.0-02. After the upgrade, while doing the
build using code build (AWS), I am getting below authentication error
The command npm install is giving the authentication error
[Container] 2024/04/05 14:35:35.467385 Running command npm install && npm install -g @angular/cli@“v16-lts”
npm WARN config _auth, _authToken, username and _password must be scoped to a registry. see npm help npmrc for more information.
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient…
npm WARN old lockfile
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: ‘karma@1.7.1’,
npm WARN EBADENGINE required: { node: ‘0.10 || 0.12 || 4 || 5 || 6 || 7 || 8’ },
npm WARN EBADENGINE current: { node: ‘v16.20.1’, npm: ‘8.19.4’ }
npm WARN EBADENGINE }
npm ERR! code E401
npm ERR! Unable to authenticate, need: BASIC realm=“Sonatype Nexus Repository Manager”
We tried to build locally with same configuration and it was successful. but not through code build.
Is there anything changed in the newer version if nexus ? Please help me to resolve this issue.
Hi @km.jithesh and welcome! I put your question in Ask Sona, our Sonatype-trained AI support at support.sonatype.com, and got this answer. This is a new feature on our Support site and is always available if you have questions (it’s trained on all public-facing customer resources and is always learning, so definitely test before deploying anything!)
The error message you’re seeing, Unable to authenticate, need: BASIC realm=“Sonatype Nexus Repository Manager”, suggests that there might be an issue with the npm client version you’re using.
According to a Sonatype support article, npm client versions 5.0.0 to 5.0.3 have a regression where the old basic authentication method is not supported, which could lead to 401 Unauthorized responses when trying to access a Nexus Repository npm repositories.
If you’re using one of these npm client versions, you could try the following solutions:
Upgrade to npm version 5.0.4 or greater
Downgrade to an npm version earlier than 5.0.0
Run npm login and use npm bearer token realm in Nexus Repository 3
Possibly try a client-based manual workaround specifying registry specific auth
If none of these solutions work, or if you’re not using one of the affected npm client versions, it might be worth checking if there have been any changes in the authentication requirements or methods in the newer version of Nexus that you’ve upgraded to. You can refer to the Sonatype Help site or the Compatibility Matrix for the most recent state of upgrade compatibility between different Nexus versions.