fix: respect user's npm registry configuration in update check#2038
Open
serhiizghama wants to merge 1 commit into
Open
fix: respect user's npm registry configuration in update check#2038serhiizghama wants to merge 1 commit into
serhiizghama wants to merge 1 commit into
Conversation
Use 'npm config get registry' to resolve the registry URL instead of hardcoding registry.npmjs.org. This honors .npmrc files at every scope (global, user, project) plus npm_config_registry, so update checks work behind corporate proxies and private registries regardless of whether the CLI was invoked directly, via npx, or via an npm script. Falls back to the public registry when npm is unavailable or returns an unusable value. Fixes ChromeDevTools#1943
mathiasbynens
approved these changes
May 12, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The startup update check in
src/bin/check-latest-version.tshardcodeshttps://registry.npmjs.org/chrome-devtools-mcp/latest. Users behind corporate proxies or on a private registry (e.g. JFrog Artifactory) cannot reach that URL — the request silently fails on every startup, and they lose update notifications unless they setCHROME_DEVTOOLS_MCP_NO_UPDATE_CHECKS=1.Fixes #1943.
The earlier discussion on that issue surfaced two competing approaches:
npm_config_registry. The maintainer pointed out this only coversnpx/npm runinvocations, not direct CLI use.@npmcli/config. Solves all cases but adds a runtime dependency.This PR uses a third approach suggested in the issue: shell out to
npm config get registry. That command:.npmrcfiles at every scope (global, user, project) and respectsnpm_config_registry.npx,npm run).Solution
Add a small
getRegistry()helper that runsnpm config get registrywith a 5 s timeout and validates the result before using it. Fall back to the hardcoded public registry when:npmis not onPATH,"undefined", or not an http(s) URL.The fetch URL is then composed from that resolved registry.
Testing
npm run typecheck— passesnpm run check-format— passesnpm run build— passesnode --test build/tests/check-for-updates.test.js— 6/6 pass (no regressions in the existing test suite for this area)node build/src/bin/check-latest-version.js /tmp/out.jsonagainst the public registry → wrote{"version":"0.25.0"}. Re-ran withnpm_config_registry=https://example.com→ fetch fails silently as expected, no cache written.(Unrelated E2E browser tests in
tests/e2e/chrome-devtools-commands.test.jsfail in my local environment; they appear environment-dependent and are not touched by this change.)