renovatebot · rarkins · Jul 20, 2024 · Jul 5, 2024 · Jul 7, 2024 · Jul 7, 2024
diff --git a/lib/modules/manager/npm/post-update/rules.spec.ts b/lib/modules/manager/npm/post-update/rules.spec.ts
@@ -91,6 +91,12 @@ describe('modules/manager/npm/post-update/rules', () => {
 
           additionalYarnRcYml: {
             npmRegistries: {
+              '//https://registry.npmjs.org/': {
+                npmAuthToken: 'token123',
+              },
+              '//https://registry.other.org/': {
+                npmAuthIdent: 'basictoken123',
+              },
               '//registry.company.com/': {
                 npmAuthIdent: 'user123:pass123',
               },
@@ -115,6 +121,12 @@ describe('modules/manager/npm/post-update/rules', () => {
           ],
           "additionalYarnRcYml": {
             "npmRegistries": {
+              "//https://registry.npmjs.org/": {
+                "npmAuthToken": "token123",
+              },
+              "//https://registry.other.org/": {
+                "npmAuthIdent": "basictoken123",
+              },
               "//registry.company.com/": {
                 "npmAuthIdent": "user123:pass123",
               },

diff --git a/lib/modules/manager/npm/post-update/rules.ts b/lib/modules/manager/npm/post-update/rules.ts
@@ -3,51 +3,83 @@ import * as hostRules from '../../../../util/host-rules';
 import { regEx } from '../../../../util/regex';
 import { toBase64 } from '../../../../util/string';
 import { isHttpUrl } from '../../../../util/url';
+import type { YarnRcYmlFile } from './types';
 
 export interface HostRulesResult {
   additionalNpmrcContent: string[];
   additionalYarnRcYml?: any;
 }
 
 export function processHostRules(): HostRulesResult {
-  let additionalYarnRcYml: any;
+  const additionalYarnRcYml: YarnRcYmlFile = { npmRegistries: {} };
 
   // Determine the additional npmrc content to add based on host rules
   const additionalNpmrcContent = [];
   const npmHostRules = hostRules.findAll({
     hostType: 'npm',
   });
   for (const hostRule of npmHostRules) {
-    if (hostRule.resolvedHost) {
-      let uri = hostRule.matchHost;
-      uri =
-        is.string(uri) && isHttpUrl(uri)
-          ? uri.replace(regEx(/^https?:/), '')
-          : // TODO: types (#22198)
-            `//${uri}/`;
-      if (hostRule.token) {
-        const key = hostRule.authType === 'Basic' ? '_auth' : '_authToken';
-        additionalNpmrcContent.push(`${uri}:${key}=${hostRule.token}`);
-        additionalYarnRcYml ||= { npmRegistries: {} };
-        if (hostRule.authType === 'Basic') {
-          additionalYarnRcYml.npmRegistries[uri] = {
-            npmAuthIdent: hostRule.token,
-          };
-        } else {
-          additionalYarnRcYml.npmRegistries[uri] = {
-            npmAuthToken: hostRule.token,
-          };
-        }
-      } else if (is.string(hostRule.username) && is.string(hostRule.password)) {
-        const password = toBase64(hostRule.password);
-        additionalNpmrcContent.push(`${uri}:username=${hostRule.username}`);
-        additionalNpmrcContent.push(`${uri}:_password=${password}`);
-        additionalYarnRcYml ||= { npmRegistries: {} };
-        additionalYarnRcYml.npmRegistries[uri] = {
-          npmAuthIdent: `${hostRule.username}:${hostRule.password}`,
+    if (!hostRule.resolvedHost) {
+      continue;
+    }
+
+    const matchedHost = hostRule.matchHost;
+    // Should never be necessary as if we have a resolvedHost, there has to be a matchHost
+    // istanbul ignore next
+    if (!matchedHost) {
+      continue;
+    }
+
+    const uri = `//${matchedHost}/`;
+    let cleanedUri = uri;
+    if (isHttpUrl(matchedHost)) {
+      cleanedUri = matchedHost.replace(regEx(/^https?:/), '');
+    }
+
+    if (hostRule.token) {
+      const key = hostRule.authType === 'Basic' ? '_auth' : '_authToken';
+      additionalNpmrcContent.push(`${cleanedUri}:${key}=${hostRule.token}`);
+
+      if (hostRule.authType === 'Basic') {
+        const registry = {
+          npmAuthIdent: hostRule.token,
         };
+        additionalYarnRcYml.npmRegistries[cleanedUri] = registry;
+        additionalYarnRcYml.npmRegistries[uri] = registry;
+
+        continue;
       }
+
+      const registry = {
+        npmAuthToken: hostRule.token,
+      };
+      additionalYarnRcYml.npmRegistries[cleanedUri] = registry;
+      additionalYarnRcYml.npmRegistries[uri] = registry;
+
+      continue;
+    }
+
+    if (is.string(hostRule.username) && is.string(hostRule.password)) {
+      const password = toBase64(hostRule.password);
+      additionalNpmrcContent.push(
+        `${cleanedUri}:username=${hostRule.username}`,
+      );
+      additionalNpmrcContent.push(`${cleanedUri}:_password=${password}`);
+
+      const registries = {
+        npmAuthIdent: `${hostRule.username}:${hostRule.password}`,
+      };
+      additionalYarnRcYml.npmRegistries[cleanedUri] = registries;
+      additionalYarnRcYml.npmRegistries[uri] = registries;
     }
   }
-  return { additionalNpmrcContent, additionalYarnRcYml };
+
+  const hasYarnRcNpmRegistries =
+    Object.keys(additionalYarnRcYml.npmRegistries).length > 0;
+  return {
+    additionalNpmrcContent,
+    additionalYarnRcYml: hasYarnRcNpmRegistries
+      ? additionalYarnRcYml
+      : undefined,
+  };
 }
diff --git a/lib/modules/manager/npm/post-update/types.ts b/lib/modules/manager/npm/post-update/types.ts
@@ -41,6 +41,13 @@ export interface PnpmLockFile {
   optionalDependencies: PnpmDependencySchema;
 }
 
+export interface YarnRcNpmRegistry {
+  npmAlwaysAuth?: boolean;
+  npmAuthIdent?: string;
+  npmAuthToken?: string;
+}
+
 export interface YarnRcYmlFile {
   yarnPath?: string | null;
+  npmRegistries: Record<string, YarnRcNpmRegistry>;
 }