I'm trying to install a private Bitbucket Git repository as a dependency in my project using Bun v1.2.10 on Windows.
My package.json dependency:
"dependencies": { "@repo/sdk": "git+https://bitbucket.org/repo-cloud/repo-sdk.git#main" }
My .npmrc file:
//bitbucket.org/:_authToken=$%7BBITBUCKET_ACCESS_TOKEN%7D
auto-install-peers=true
legacy-peer-deps=true
And my .env.local file:
BITBUCKET_ACCESS_TOKEN=ATCTT3x...
When I run:
bun install
Bun asks for Bitbucket authentication and fails to use the token.
I also tried putting the token directly into package.json like this:
"@repo/sdk": "git+https://x-token-auth:[email protected]/repo-cloud/repo-sdk.git#main"
… which works, but I don’t want to hardcode the token.
Question: How can I configure Bun to use an environment variable or .npmrc token to install a private Git repository from Bitbucket on Windows without hardcoding the token?
Environment:
Bun v1.2.10
Windows 10
Private Bitbucket Git repo
I tried adding the private Bitbucket repository as a dependency in package.json using a normal Git URL:
"@passportscan/sdk": "git+https://bitbucket.org/repo-cloud/repo-sdk.git#main"
I also created a .npmrc file with the line:
//bitbucket.org/:_authToken=${BITBUCKET_ACCESS_TOKEN}
and added BITBUCKET_ACCESS_TOKEN in my .env.local file.
I expected Bun to use the token from .npmrc or .env and install the dependency without asking for authentication.
However, when I ran bun install, it still prompted me for Bitbucket login.
I also tried hardcoding the token directly in the package.json Git URL, which worked, but I don’t want to hardcode secrets.
.npmrcfile? If that works, then you can narrow down the problem to reading in the variable..npmrc, does it act the same way as if you don't even have a.npmrcat all? If yes, then maybe it isn't seeing your.npmrcfile for some reason.