pnpm ERR_PNPM_FETCH_404 - Fix "GET … 404" Package Fetch in CI
ERR_PNPM_FETCH_404 means pnpm requested a package (or version) and the registry returned 404. As with npm, it is usually a private package without auth, a wrong registry, or a non-existent version.
What this error means
pnpm install fails with ERR_PNPM_FETCH_404 and the failing URL. Public packages resolve, but a specific (often scoped/private) package 404s - the registry has nothing for that request as configured.
ERR_PNPM_FETCH_404 GET https://registry.npmjs.org/@acme%2Finternal:
Not Found - 404
This error happened while installing the dependencies of app@1.0.0Common causes
Private/scoped package without registry+auth
Without a scope→registry mapping and token in .npmrc, pnpm asks the public registry for a private package and gets a 404.
Non-existent version or typo
A version that was never published, or a misspelled name/scope, yields a genuine 404.
Stale mirror
A mirror that has not synced the version reports 404 even though the canonical registry has it.
How to fix it
Configure scope, registry, and token
Map the scope to its registry and provide a CI token.
# .npmrc (pnpm reads it)
@acme:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN}Verify the package and registry
- Confirm the scope, name, and version exist on the target registry.
- Ensure the CI token is present and has read access.
- If using a mirror, confirm it has synced (or fall back to the canonical registry).
How to prevent it
- Map private scopes and supply CI tokens.
- Pin published versions in the lockfile.
- Keep mirrors synced with the source registry.