.npmrc file permission are not stored by git

Question

In my project I want to use a .npmrc file to point to a private repository. From the documentation for npmrc we read:

NOTE: Because local (per-project or per-user) .npmrc files can contain sensitive credentials, they must be readable and writable only by your user account (i.e. must have a mode of 0600), otherwise they will be ignored by npm!

unfortunately git is not honouring the file permission 0600.

So: how to store the .npmrc file in git?

[This question](http://stackoverflow.com/questions/3207728/retaining-file-permissions-with-git) may help you out. — andreas-hofmann, Jan 06 '16 at 07:00

score 3 · Accepted Answer · edited Jun 20 '20 at 09:12

As you found out you are right.

Git doesn't care about file permissions.

Git only stores two permissions (755 & 644), so your need of 600 is not "recognized" by git.

To override it im using a manual script from this site or this

`umask`

Umask is a process attribute containing permission bits that are removed from newly created files.

Git creates directories and executable files with mode 777, and non-executable files with 666, and your umask turns off some of those bits.

If you want default permissions to be 644 and 755, you set your umask to 022:

umask 022

score 2 · Answer 2 · answered Jan 06 '16 at 22:17

2

As of now npm in version 3.3.12 does not behave like the documentation suggests. It picks up the .npmrc file even though the permission is "only" 644.

answered Jan 06 '16 at 22:17

scheffield

6,618
2
30
31

Also at version 3.9.5, even with permissions at 777 – Glenn Lawrence Jan 19 '17 at 12:01

.npmrc file permission are not stored by git

2 Answers2

umask

`umask`