NPM packages under different projects but same scope versions access fix (!108899) · Merge requests · GitLab.org / GitLab

Maksym Shabelnyk requested to merge 273427-npm-instance-level-packages-availability-fix into master Jan 13, 2023

What does this MR do and why?

If a package with the same name (but different versions) is published in two different projects, only packages within one of those projects will be available to download.

Its caused by forcing instance-level NPM packages finder to use the project id of the last find package. This MR omits using of project-id in finder and returns all NPM packages available under the selected instance.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Create two projects within the same group
Publish a package with the same name, but different versions to each group (e.g. @foo/test-pack)
Configure your .npmrc accordingly, and attempt to install a package from each project. The packages uploaded to the second project will not be fetch-able.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #273427

NPM packages under different projects but same scope versions access fix

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports