Skip to content
Latchkey

npm config: Usage, Options & Common Errors

Read and write npm settings (.npmrc).

npm config manages npm settings - registry URL, auth tokens, cache location, and more - stored in .npmrc files at project, user, and global scope.

What it does

get, set, delete, and list operate on .npmrc. Any setting can also be overridden by an npm_config_<key> environment variable, which is how CI injects values without writing files. Project .npmrc overrides user, which overrides global.

Common usage

Terminal
npm config set registry https://registry.npmjs.org/
npm config get cache
npm config list             # effective config
npm config set //registry.npmjs.org/:_authToken ${NPM_TOKEN}

Common CI pattern: inject config via env vars

Hardcoding tokens in a committed .npmrc leaks secrets. In CI, set config through npm_config_* environment variables (or a generated .npmrc) so the auth token comes from a secret, never from the repo.

.github/workflows/ci.yml
npm_config_registry=https://registry.npmjs.org/ \
npm_config_//registry.npmjs.org/:_authToken=${NPM_TOKEN} \
npm ci

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →