Skip to content
Latchkey

npm Registry 429 Too Many Requests in CI - Fix Rate Limiting

A 429 means the registry is throttling your requests. On shared CI IPs, unauthenticated high-volume installs hit rate limits, and the registry asks you to back off.

What this error means

npm install fails with 429 Too Many Requests from the registry, often on a busy runner pool. Retrying immediately can hit the same limit; backing off or authenticating clears it.

npm
npm ERR! code E429
npm ERR! 429 Too Many Requests - GET https://registry.npmjs.org/react
npm ERR! Retry-After: 60

Common causes

Unauthenticated installs from shared IPs

Many runners sharing an egress IP and pulling anonymously exceed the per-IP rate limit.

No caching, multiplying registry calls

Every cold install re-fetches everything, inflating request volume against the limit.

How to fix it

Authenticate and back off

  1. Authenticate to the registry to raise the rate limit.
  2. Honor Retry-After by raising fetch retry timeouts.
Terminal
npm config set fetch-retries 5
npm config set fetch-retry-maxtimeout 120000
npm ci

Cache and mirror

  1. Cache ~/.npm so most installs avoid the registry.
  2. Use a private mirror to absorb high request volume.

How to prevent it

  • Authenticate, cache ~/.npm, and front the registry with a mirror. Latchkey managed runners cache the npm registry and auto-retry transient 429 responses with backoff, so throttling rarely fails a job.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →