Since we upgraded to Artifactory version 6.12.1, a new behaviour has appeared when publishing our node.js packages. Here's what our package.json mainly looks like (modified some informations for confidentiality):
{
"name": "@org/module-test",
"version": "1.0.0-12345",
"description": "Module's description",
"scripts": {
<scripts>
},
"repository": {
"type": "git",
"url": "<git repo url>"
},
"license": "UNLICENSED",
"devDependencies": {
"husky": "^1.3.1"
},
"publishConfig": {
"registry": "https://<artifactory_url>/api/npm/npm-local/",
"_auth": "<API token>"
},
"files": [
"<app-folder>"
],
"husky": {
"hooks": {
<several hooks>
}
}
}
The important part here is the version parameter. If I execute npm publish, in that configuration, everything works fine, and the json and tgz files havec the same name. However, when the version looks like this:
"version": "1.0.0-123abc"
The tgz file's name is as such, but the Version in the npm info tab and the corresponding json files are written like this:
module-test-1.0.0-123-abc.json
Everytime the version has numbers and letters in that format, a dash (-) is added, which messes with our ability to automate our pipelines that uses those packages. It's problematic, because we input our git commit hashs as version number, so whenever the hash begins whith digits and follows with letters, the problem occurs.
The problem did not occur on our previous version of 6.1.0. No major differences between the previous and actual config are to note, relating to npm repositories. Whith the problematic version number, this is what shows in the event.log file:
1569867062896|create|npm-local/@org/module-test/-/@org/module-test-1.0.0-123abc.tgz
1569867062896|props|npm-local/@org/module-test/-/@org/module-test-1.0.0-123abc.tgz
1569867062896|create|npm-local/.npm/@org/module-test/@org/module-test-1.0.0-123-abc.json
1569867062896|props|npm-local/@org/module-test/-/@org/module-test-1.0.0-123abc.tgz
1569867063055|props|npm-local/@org/module-test/-/@org/module-test-1.0.0-12abc.tgz
As we can see, only the json file's name is modified.
The probleme disapears if we insert a string of character between the main version and the subversion, like so:
"version":"1.0.0-string-123abc"
This should be a temporary workaround tough, as it does not make for a "clean" version id by our standards.
Not sure if this is related, but this is the npm-default repo layout used by the npm-local repository:
<repoLayout>
<name>npm-default</name>
<artifactPathPattern>[orgPath]/[module]/[module]-[baseRev](-[fileItegRev]).tgz</artifactPathPattern>
<distinctiveDescriptorPathPattern>false</distinctiveDescriptorPathPattern>
<folderIntegrationRevisionRegExp>.*</folderIntegrationRevisionRegExp>
<fileIntegrationRevisionRegExp>.*</fileIntegrationRevisionRegExp>
</repoLayout>
Documentation of repoLayout can be found here
We would like to have the json file, tgz archive and version id stay the same, whatever the version number may be. Why this dash is added, we don't know, but we need it gone. Is this a new configuration we're not aware of, or a bug?
This is an issue introduced in recent release. We are planning to fix it in one of the upcoming releases. You can follow https://www.jfrog.com/jira/browse/RTFACT-20247 for more details.