Our enterprise Github recently made a change so all anonymous access from work laptop are blocked. This causes problem as we have some private repo dependencies in our package.json like below:
dependencies { ... "sun": "git+https://github.kdc.capitalone.com/NeX/sun-ng2-nex.git", ... }
Whenever I try to do npm install
, it gives me authentication error. I can get it installed by add username password to the github url, however that would expose my plain corporate password.
After some research, it turns out Git uses curl
under the hood, you can use ~/.netrc
file with the credentials. For GitHub it would look something like this:
machine github.com
login <github username>
password <password OR github access token>
This way, I can just have a github personal access token sitting in my .netrc file and it will always work. It is better than password as the corporate password get expired every 60/90 days and then the file need to be updated every time that changes.