Nexus Repository Manager for npm

Feature availability Package repository integrations are available only with Enterprise plans. For more information, see plans and pricing.

This guide is relevant for Snyk Web UI integrations only; the Snyk CLI supports Yarn and npm Projects with private Nexus Repository Manager registries.

Snyk can use Nexus Repository Manager with npm and Yarn Projects imported from Git.

This enables Snyk to regenerate lockfiles with the correct URLs when creating Pull/Merge Requests.

You can add configuration to tell Snyk where your private Nexus Repository Manager Node.js packages are hosted and under what scope.

This is the same information you would normally add in your .yarnrc or .npmrc

JavaScript language settings

Go to Settings > Languages > JavaScript and either the npm or Yarn settings, depending on your Project type.

If you have not previously connected to Nexus Repository Manager you will be asked to configure an integration first; see Nexus Repository Manager connection setup.

Follow the steps on the tabs below, according to your version of Nexus.

Select Add registry configuration.
Select Nexus as the Package source.
If you want to configure this registry as the default registry url, leave the scope blank.
If you want to configure only scoped packages to use this registry, add a scope.
If you want to add a mix of the default registry url and scoped packages, add multiple configurations, one for the default and one per scope.
The Repository section should be set as whatever comes after repository/ in the internal repository URL. For example, if the URL is http://nexus.company.io/repository/npm-group, Repository should be set as npm-group.
When you have added all the registries and scopes you want, click Update settings.

Select Add registry configuration.
Select Nexus as the Package source.
If you want to configure this registry as the default registry url, leave the scope blank.
If you want to configure only scoped packages to use this registry, add a scope.
If you want to add a mix of the default registry url and scoped packages, add multiple configurations, one for the default and one per scope.
The Repository section should be set as whatever comes after nexus/content/ in the internal repository URL. For example, if the URL is http://nexus.company.io/nexus/content/groups/npm-group, Repository should be set as groups/npm-group . Or for http://nexus.company.io/nexus/content/repositories/npm-hosted, Repository should be set as repositories/npm-hosted.
When you have added all the registries and scopes you want, click Update settings.

Test it out

Open a Pull/Merge Request on a Project that contains private dependencies that are hosted in Nexus to see a lockfile updated and included in the Snyk Fix Pull Request with the correct URL to your repository.

PreviousNexus Repository Manager for Maven Nextnpm Teams and npm Enterprise integration

Last updated 1 month ago

Was this helpful?