Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
My publishing workflow for a nested package is failing with the following error:
npm error code E404
npm error 404 Not Found - PUT https://registry.npmjs.org/@sass%2ftypes - Not found
npm error 404
npm error 404 The requested resource '@sass/types@1.94.0' could not be found or you do not have permission to access it.
npm error 404
npm error 404 Note that you can also install from a
npm error 404 tarball, folder, http url, or git url.
You can see the wokflow here. It's invoked from ci.yml here.
I've verified that it's not the following gotchas:
-
The workflow is upgrading to the latest npm (line 119).
-
The workflow has the id-token: write permissions (line 40 of ci.yml).
-
The trusted publisher settings are pointing to the correct repo and the filename of the parent workflow:
Expected Behavior
I would expect npm publish to succeed and publish the package using OIDC.
Steps To Reproduce
Rerunning the GitHub Actions workflow reproduces this consistently
Environment
- npm: Whatever
npm@latest was at time of posting
- Node.js: 24.11.0
- OS Name: Ubuntu Linux
- System Model Name: GitHub actions runner
- npm config: GitHub actions default
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
My publishing workflow for a nested package is failing with the following error:
You can see the wokflow here. It's invoked from ci.yml here.
I've verified that it's not the following gotchas:
The workflow is upgrading to the latest npm (line 119).
The workflow has the
id-token: writepermissions (line 40 of ci.yml).The trusted publisher settings are pointing to the correct repo and the filename of the parent workflow:
Expected Behavior
I would expect
npm publishto succeed and publish the package using OIDC.Steps To Reproduce
Rerunning the GitHub Actions workflow reproduces this consistently
Environment
npm@latestwas at time of posting