A package with a corrupted version (i.e 1.0.0b, for example) will produce an error during metadata calc and will result in the offending package not having a corresponding .npm/<package>/package.json file (providing that the corrupted version is the only version of this package). This currently causes an exception during metadata calc when we try to write the package.json of the corresponding package. The absence of the package.json will also result in the the package not being indexed in the .npm/all.json file.
The npmjs registry remidiates this by correcting the version (i.e 1.0.0b becomes 1.0.0-b) and the package continues to be installable.
Ideally, Artifactory should be able to either do the same, or at least reject the deployment of the corrupt package.
1.npm init with some non semver version (e.g 1.0.0b)
2.npm publish this package to artifactory
3.Notice a line in the log that says "2016-11-28 19:58:27,783 [art-exec-5883] [WARN ] (o.j.r.n.u.NpmUtils :94) Failed validating version: '1.0.1b' of package: 'foo': null
4.Notice that artifactory keeps the corrupt package.json in ~/.npm/<package>/<package>-1.0.0b.json, but also creates (or extracts?) a corrected one named "<package>-1.0.0-b.json".