Yarn can't find private Github npm registry

I've just run into a similar situation. It seemed that yarn was only looking in the main Yarn package registry for my organization's private package. I had copied the examples from GitHub's Packages documentation for constructing your .npmrc file directly to the .yarnrc file in the project that will be consuming the app, not knowing that the formats were different (I've never had to deal with .yarnrc files before).

However, after updating the .yarnrc file with the correct format that you've mentioned above (which I also found in googling around), yarn successfully found the private package and installed it correctly.

As a heads up, my yarn version: 1.17.3

Steps I Took

  1. Start new terminal session
  2. cd to the project
  3. nvm use (if you have a specific node version to use)
  4. Add the correctly-formatted .yarnrc file to the project. See below for what it looks like.
  5. Manually add the package and version range to the package.json for my private package
  6. Run npm login --registry=https://npm.pkg.github.com --scope=@MyOrg
    • See the note below on scope / org gotcha's
  7. Run yarn

That worked for me.

.yarnrc

"@myorg:registry" "https://npm.pkg.github.com"

Note: See below for a note on the org / scope name gotcha's

Other Notes

I know that it appears that you don't have any issues with this, given your GH username / scope above, but for anyone else that comes here, the documentation on GH is a little sparse with regards to mapping your username / org name to a scope in the package name. Just remember these little gotcha's here:

  • The name of your package must always be scoped to your org (or username)
    • E.g., name: @johndturn/my-package
  • If your organization has capital letters in it, like MyOrg, just replace them in the name of the package in your package.json and your .yarnrc with lowercase
    • E.g., name: @myorg/my-package
    • Note: When authenticating with npm login, I still have kept the uppercase letters in the --scope= argument.
  • The name of your package doesn't have to be the same name of the repo.
    • E.g., for a repo called MyOrg/random-prefix.js-lib, you can have name: @myorg/js-lib in your package.json file for the project itself. Then, installing it in other projects will look something like @myorg/js-lib: 1.0.0.

The problem I had is slightly different.

After tried what John suggested I still can't add private registry packages with yarn (but perfectly fine with npm)

Then I realise two things:

For GitHub packages, npm is fine with either

registry=https://npm.pkg.github.com/my-org

or

@my-org:registry=https://npm.pkg.github.com

but yarn only allow the latter syntax.

Docs from Github website only show the first syntax which could cause problems for yarn users.

Another thing is that if you npm login to the private registry but use a .yarnrc file in your project, yarn can't really mix your npm credentials with it. Although it seems behave differently on different environment.

But it would seems to be a best practice to stick with either yarn login + .yarnrc, or npm login + .npmrc (you can still use yarn to manage your packages in both cases)


I'm not an expert with npm/yarn so I might be misunderstanding what is happening here, but I don't think package proxying from the npm registry works with yarn yet. Could that be related? When package proxying was released for npm I remember reading comments on Twitter from people that tried it with yarn and it didn't work.

Found the Twitter thread here: https://twitter.com/github/status/1171832034580451328

It doesn't work with Yarn. As soon as I change the registry url -> Couldn't find package.