Affects Version/s: None
Fix Version/s: None
Steps to reproduce:
- Create NPM virtual, remote and local repositories.
- Create a user and remove the default "Readers" group for the user.
- Make sure there is no group or permission that gives that user read access to the NPM repositories.
- Make sure that the "Hide Existence of Unauthorized Resources" is NOT enabled.
- Perform the "npm config set registry.." and "npm login" commands as usual.
- Try to download a random package (in my example - firstname.lastname@example.org) and see that you get a 404 error instead of 403.
- Look at the request.log and see that Artifactory returns 404 instead of 403.
Sample request and output:
npm install email@example.com ✔ 10300 15:09:37
npm ERR! code E404