Search code examples
node.jsnpmregistry

No longer able to upgrade npm from 6 to 7: "Using stale data" from UNABLE_TO_GET_ISSUER_CERT_LOCALLY

I'm using nvm and the latest stable Node (16)

$ nvm ls
->      v16.2.0

npm recently enforced TLS 1.1 with a vague blog post about it.

According to another blog post npm@latest should be npm 7. However, for me:

npm install -g npm@latest
npm WARN npm npm does not support Node.js v16.2.0
npm WARN npm You should probably upgrade to a newer version of node as we
npm WARN npm can't make any promises that npm will work with this version.
npm WARN npm Supported releases of Node.js are the latest release of 6, 8, 9, 10, 11, 12, 13.
npm WARN npm You can find the latest version at https://nodejs.org/
npm WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning UNABLE_TO_GET_ISSUER_CERT_LOCALLY: request to https://registry.npmjs.org/npm failed, reason: unable to get local issuer certificate
npm WARN registry Using stale data from https://registry.npmjs.org/ due to a request error during revalidation.

+ [email protected]
updated 1 package in 9.573s

You can see @latest for me resolves to npm 6.13.0, with the critical part of this warning appearing to be:

https://registry.npmjs.org/: Miscellaneous Warning UNABLE_TO_GET_ISSUER_CERT_LOCALLY: request to https://registry.npmjs.org/npm failed, reason: unable to get local issuer certificate npm WARN registry Using stale data from https://registry.npmjs.org/ due to a request error during revalidation.

I used to have my registry set to use http, as in:

$ npm config get registry
http://registry.npmjs.org/

So I tried unsetting it, and apparently it gets auto-set to https (which is good):

$ npm config delete registry

$ npm config get registry
https://registry.npmjs.org/

However I get the same "stale data" and UNABLE_TO_GET_ISSUER_CERT_LOCALLY warning when running npm install -g npm@latest. Same warning for npm install -g npm. I am not able to upgrade npm anymore.

I'm not on a VPN or using any proxies. How do I resolve this?

Solution

  • First I tried reinstalling node with nvm, which upgraded me to nvm 8, but failed to resolve the issue:

    nvm reinstall-packages 16

    After some headbanging I noticed I had a line in my ~/.npmrc:

    ca[]=

    For some reason I had configured npm to have no root certificates for verifying SSL. Removing that line fixed my issue.