FOSSA supports Javascript projects through NPM and Bower.
In order for FOSSA to reach private scoped packages on NPM, you must configure auth using the data found in .npmrc after running npm login.
To configure authentication, your FOSSA admin must edit config.env with one of two authentication methods. Check your .npmrc to see which of the two formats below you use.
For newer registries or NPM Enterprise, FOSSA supports tokens for authentication. If you are using this method, you can find a line in your .npmrc formatted as //REGISTRY_URL/:_authToken=AUTH_TOKEN.
Take the AUTH_TOKEN and add the following config:
fetchers__npm__auth_token=AUTH_TOKEN
Many systems still use legacy authentication, especially if you are using a private registry like Artifactory. Look for email, _auth and username in your .npmrc.
fetchers__npm__auth__email
fetchers__npm__auth__token # _auth parameter in .npmrc
fetchers__npm__auth__username
After configuring, your FOSSA admin must run fossa restart.
If you are using a private registry like Artifactory for you NPM code, your FOSSA admin can specify a private registry URL:
fetchers__npm__registry=YOUR_REGISTRY_URL
Often private registries require authentication, which is covered above under Private Packages.
See here for FOSSA's NPM Enterprise integration.
About us
We're starting by turning open source license compliance into what it should be — simple, accessible.
Learn more
Office
351 9th Street
Suite #300
San Francisco, CA 94103
