Hi Favo,

Looks like Unity's making things harder again.

https://forum.unity.com/threads/updates-to-our-terms-of-service-and-new-package-guidelines.999940/#post-7158721

Would a standalone package manager, external to the Unity editor, be okay?

No. The Package Guidelines state: "You [cannot] add, update or modify installed Packages on behalf of the user outside the official Unity Editor UI, such as programmatically through scripts."

Do you think this is relevant to OpenUPM CLI?

Hello,

I had an issue reported with one of my packages saying that the installation broke a unity project, and after investigating a bit I found out that openupm cli doesn't check if the package is compatible with unity before installing it, causing the project to break.

For example, I have my Mixture package which has a min unity version set to 2020.2 in the package.json: https://github.com/alelievr/Mixture/blob/master/Packages/com.alelievr.mixture/package.json#L5
And if I type the command to install this package openupm add com.alelievr.mixture in a project with unity 2020.1, the package is added to the project and causes a compilation error. I think the cli should check if the package is compatible with the unity version before installing it.

And we have the same problem for dependencies, for example:
I have a package B that depends on version 2 of package A.
Package A is installed in the project using version 1, so adding the package B is not possible without upgrading A in the project before.
But openupm cli ignores this case too causing the project to break again.

I think openupm cli should check for both the package version and installed dependencies versions compatibility, it should be possible to use the major version to determine whether or not the package is compatible with another one.

Hey all,
Please direct me elsewhere if I'm posting this (an outage problem) in the wrong place.

In Unity I got the following error while listing packages:

[Package Manager Window] Cannot perform upm operation: Unable to perform online search:
Request [GET https://package.openupm.com/-/v1/search?text=com.openupm&from=0&size=250] failed with status code [502] [NotFound].
UnityEditor.EditorApplication:Internal_CallUpdateFunctions ()

I tried using the openupm-cli with search and received the following output:

λ npx openupm-cli search ui
ERR! 502 Bad Gateway - GET https://package.openupm.com/-/v1/search?text=ui&size=20&from=0&quality=0.65&popularity=0.98&maintenance=0.5
WARN fast search endpoint is not available, using old search.
┌──────────────────────────────────────────┬────────────────────┬────────────┐
│ Name                                     │ Version            │ Date       │
├──────────────────────────────────────────┼────────────────────┼────────────┤
│ org.nuget.quikgraph                      │ 2.5.0              │            │
├──────────────────────────────────────────┼────────────────────┼────────────┤

..it continues to list additional results correctly but notice the immediate 502 failure on the second line.

So it looks like some backend service might be down?

Running openupm add com.annulusgames.lit-motion results in exceptions in the CLI.

Exception:

C:\Users\User\AppData\Roaming\npm\node_modules\openupm-cli\lib\services\dependency-resolving.js:74
                    if (resolveResult.error instanceof npm_registry_fetch_1.HttpErrorBase)
                                            ^

TypeError: Right-hand side of 'instanceof' is not an object
    at C:\Users\User\AppData\Roaming\npm\node_modules\openupm-cli\lib\services\dependency-resolving.js:74:45
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async tryAddToManifest (C:\Users\User\AppData\Roaming\npm\node_modules\openupm-cli\lib\cli\cmd-add.js:105:43)
    at async C:\Users\User\AppData\Roaming\npm\node_modules\openupm-cli\lib\cli\cmd-add.js:184:28
    at async Command.<anonymous> (C:\Users\User\AppData\Roaming\npm\node_modules\openupm-cli\lib\cli\index.js:84:23)

Node.js v20.12.2

The -f option does not help to avoid this error

Manually adding a package does not cause problems.

Dependencies of this package:

"com.unity.burst": "1.6.0",
"com.unity.collections": "1.5.1",
"com.unity.mathematics": "1.0.0"

I am running the following command for automated testing of my UPM packages.

openupm -c $(PROJECT_HOME) add -ft MY_PACKAGE_NAME@file:../../

Created manifest.json is:

  "scopedRegistries": [
    {
      "name": "package.openupm.com",
      "url": "https://package.openupm.com",
      "scopes": []
    }
  ],
  "testables": [
    "MY_PACKAGE_NAME"
  ]

An error occurred when opening this project:

[Package Manager] Registry configuration is invalid:
  Scoped registry at position 1 is invalid:
    "scopedRegistries[0].scopes" must contain at least 1 items
[Package Manager] Failed to update project manifest: Registry configuration is invalid:
  Scoped registry at position 1 is invalid:
    "scopedRegistries[0].scopes" must contain at least 1 items

This issue occurs in v1.19.6. The manifest.json at v1.17.0 was as follows:

  "scopedRegistries": [
    {
      "name": "package.openupm.com",
      "url": "https://package.openupm.com",
      "scopes": [
        "com.openupm"
      ]
    }
  ],
  "testables": [
    "MY_PACKAGE_NAME"
  ]

In v1.17.0, scopes existed, so there was no problem.

I'm trying to set the registry to my localhost as I'm running Verdaccio locally.

But it fails and I basically get the --help result

$ openupm --registry http://localhost:4873
Usage: openupm [options] [command]

Options:
  -V, --version                     output the version number
  -c, --chdir <path>                change the working directory
  -r, --registry <url>              specify registry url
  -v, --verbose                     output extra debugging
  --no-upstream                     don't use upstream unity registry
  -h, --help                        output usage information

Commands:
  add|install <pkg> [otherPkgs...]  add package to manifest json
                                    openupm add <pkg> [otherPkgs...]
                                    openupm add <pkg>@<version> [otherPkgs...]
  remove|rm <pkg> [otherPkgs...]    remove package from manifest json
  search|s <keyword>                Search package by keyword
  view|v <pkg>                      view package information
  deps|dep [options] <pkg>          view package dependencies
                                    openupm deps <pkg>
                                    openupm deps <pkg>@<version>

This appears on version 14.17.4 of node.

PS C:\Users\Christopher\Arendt Digital\Aboriginal> nvm use 14.17.4
Now using node v14.17.4 (64-bit)
PS C:\Users\Christopher\Arendt Digital\Aboriginal> npm install -g openupm-cli
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
C:\Program Files\nodejs\openupm-cli -> C:\Program Files\nodejs\node_modules\openupm-cli\bin\openupm
C:\Program Files\nodejs\openupm -> C:\Program Files\nodejs\node_modules\openupm-cli\bin\openupm
C:\Program Files\nodejs\openupm-cn -> C:\Program Files\nodejs\node_modules\openupm-cli\bin\openupm-cn
+ [email protected]
added 292 packages from 154 contributors in 14.911s
PS C:\Users\Christopher\Arendt Digital\Aboriginal> openupm --version
internal/modules/cjs/loader.js:892
  throw err;
  ^

Error: Cannot find module 'node:net'
Require stack:
- C:\Users\Christopher\AppData\Roaming\nvm\v14.17.4\node_modules\openupm-cli\lib\core.js
- C:\Users\Christopher\AppData\Roaming\nvm\v14.17.4\node_modules\openupm-cli\lib\cmd-add.js
- C:\Users\Christopher\AppData\Roaming\nvm\v14.17.4\node_modules\openupm-cli\lib\cli.js
- C:\Users\Christopher\AppData\Roaming\nvm\v14.17.4\node_modules\openupm-cli\bin\openupm
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:889:15)
    at Function.Module._load (internal/modules/cjs/loader.js:745:27)
    at Module.require (internal/modules/cjs/loader.js:961:19)
    at require (internal/modules/cjs/helpers.js:92:18)
    at Object.<anonymous> (C:\Users\Christopher\AppData\Roaming\nvm\v14.17.4\node_modules\openupm-cli\lib\core.js:9:13)
    at Module._compile (internal/modules/cjs/loader.js:1072:14)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1101:10)
    at Module.load (internal/modules/cjs/loader.js:937:32)
    at Function.Module._load (internal/modules/cjs/loader.js:778:12)
    at Module.require (internal/modules/cjs/loader.js:961:19) {
  code: 'MODULE_NOT_FOUND',
  requireStack: [
    'C:\\Users\\Christopher\\AppData\\Roaming\\nvm\\v14.17.4\\node_modules\\openupm-cli\\lib\\core.js',
    'C:\\Users\\Christopher\\AppData\\Roaming\\nvm\\v14.17.4\\node_modules\\openupm-cli\\lib\\cmd-add.js',
    'C:\\Users\\Christopher\\AppData\\Roaming\\nvm\\v14.17.4\\node_modules\\openupm-cli\\lib\\cli.js',
    'C:\\Users\\Christopher\\AppData\\Roaming\\nvm\\v14.17.4\\node_modules\\openupm-cli\\bin\\openupm'
  ]
}
PS C:\Users\Christopher\Arendt Digital\Aboriginal> node --version
v14.17.4

FYI a workaround is to use 1.1.8 of nvm-windows w/16.13.2 of node.

The lowest version will be used.

conditions:

• version number is omitted
• package name is start with com.unity

e.g.,

$ openupm add -f com.unity.test-framework
notice manifest modified com.unity.test-framework 1.4.2 => 0.0.4-preview
notice please open Unity project to apply changes

It might be nice to be able to list all installed packages as other package managers do, with some command openupm list.

from JeffCampbell:
I see this weird issue for one of the packages I added recently; it appears twice in the UPM CLI when searching for packages filtering by JCMG and adding it via the CLI adds the previous version 2.1.1 instead of 2.1.0 (the latter appears to be a failed Azure Pipeline to deploy it, but could be related?). I'm not sure if multiple versions of the same package and version are supposed to appear this way. Thanks for your help!

Is the type of pkgInfo variables, such as in

// cmd-view.js
let pkgInfo = await fetchPackageInfo(name);

the Packument type described by this package?

If not, are there different type definitions for it somewhere?

Originally posted by @from2001 in #19 (comment)

I think this bug still remains with some packages.

It is OK for com.unity.postprocessing, but this bug still happens with com.unity.render-pipelines.universal

The latest version of com.unity.render-pipelines.universal is now 14.0.9, however,

openupm add [email protected] outputs the error, and maximum version which can be installed is 10.10.1

WARN 404 version 14.0.1 is not a valid choice of: 7.0.0, 7.0.1, 7.1.1, 7.1.2, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.2.0, 7.2.1, 8.0.1, 7.3.1, 9.0.0-preview.14, 8.1.0, 7.4.1, 9.0.0-preview.35, 8.2.0, 10.0.0-preview.26, 7.4.2, 7.4.3, 9.0.0-preview.55, 7.5.1, 10.1.0, 9.0.0-preview.72, 10.2.0, 8.3.1, 10.2.1, 7.5.2, 10.2.2, 10.3.1, 7.5.3, 10.3.2, 10.4.0, 7.6.0, 10.5.0, 7.7.0, 10.5.1, 10.6.0, 7.7.1, 10.7.0, 10.8.0, 10.8.1, 10.9.0, 10.10.0, 10.10.1

Because of this, I cannot add dependencies which requires com.unity.render-pipelines.universal 14.0.1 such as
[email protected] in my package.

Please take a look. I will use -f option until this bug fixes.

Thank you for the great service, anyway.
Best

Gitlab while not allowing searching of packages does allow hosting of packages at least on project level under a path like:

gitlabHost/api/v4/projects/projectID/packages/npm/

I tried to set up such a scoped registry using openupm-cli:

npx openupm-cli --no-upstream -v -r https://redactedURL/api/v4/projects/39/packages/npm/ add redactedPackageName

however openupm does not try to authenticate and then just shows the package as 404:

verb request no auth needed
SNIP
ERR! 404 package not found:

I haven't looked into the code and it might be that openupm-cli just tries to search for the package first, which fails because gitlab does not support searching for packages.

Adding the package manually into manifest.json and setting up the scoped registry manually works fine.

I should also add that installing the package via npm into any directory also works fine.

I am working on Unity-Package-Template repository on GitHub for making packages. People can use the repository to make their own packages with ease to use scripts for distribution and management. One of that scripts should be UpdateDependencies.bat

Would be nice to have a script inside to update all dependencies in a package, before create release on GitHub and add it to OpenUPM.

I tried to use

npm update

But it can't handle it, for some reason. Error output:

npm ERR! code ETARGET
npm ERR! notarget No matching version found for [email protected].
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.

Looks like OpenUPM can handle it by new command such as:

openupm update

Bug report

Bug category

• Registry: issues related to the registry server.

Steps to reproduce

• Create a new Unity solution
• Add a package using the CLI, e.g. openupm add com.realitycollective.service-framework

What is expected?

The latest RELEASE version should be installed.

What is actually happening?

The latest release, which is a preview is installed

Other relevant information

e:\Archive\Prgdir\Svelto\Svelto.MiniExamples\Example6>e:\node-v12.14.0-win-x64\openupm search com.sebaslab.svelto.ecs
fast search endpoint is not available, using old search.
(node:1424) UnhandledPromiseRejectionWarning: Error: ENOENT: no such file or directory, mkdir '\Users\Seb-e-Sam.openupm'
at Object.mkdirSync (fs.js:823:3)
at getCache (e:\node-v12.14.0-win-x64\node_modules\openupm-cli\lib\core.js:224:8)
at searchOld (e:\node-v12.14.0-win-x64\node_modules\openupm-cli\lib\cmd-search.js:38:15)
at module.exports (e:\node-v12.14.0-win-x64\node_modules\openupm-cli\lib\cmd-search.js:113:34)
at processTicksAndRejections (internal/process/task_queues.js:93:5)
at async Command. (e:\node-v12.14.0-win-x64\node_modules\openupm-cli\lib\cli.js:53:21)
(node:1424) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 2)

I am missing this init command to create the Packages/manifest.json for you, like npm does, so I can start a new project from a complete empty folder.

Thanks for this amazing tool

Is there any way I can specify the branch I want to use ? tried

openupm add dev.yarnspinner.unity@[email protected]:YarnSpinnerTool/YarnSpinner-Unity.git#develop
with no success

When I used openupm, I encountered an error as follows

My environment is node 20.10.0 + pnpm 8.13.1 + openupm-cli 1.19.3 , node 20.10.0 + npm 10.2.3 + openupm-cli 1.19.3 has the same error

node:internal/modules/cjs/loader:1147
  throw err;
  ^

Error: Cannot find module '@commander-js/extra-typings'
Require stack:
- C:\Users\mc\AppData\Local\pnpm\global\5\.pnpm\[email protected]\node_modules\openupm-cli\lib\cli.js
- C:\Users\mc\AppData\Local\pnpm\global\5\.pnpm\[email protected]\node_modules\openupm-cli\lib\index.js
    at Module._resolveFilename (node:internal/modules/cjs/loader:1144:15)
    at Module._load (node:internal/modules/cjs/loader:985:27)
    at Module.require (node:internal/modules/cjs/loader:1235:19)
    at require (node:internal/modules/helpers:176:18)
    at Object.<anonymous> (C:\Users\mc\AppData\Local\pnpm\global\5\.pnpm\[email protected]\node_modules\openupm-cli\lib\cli.js:6:25)
    at Module._compile (node:internal/modules/cjs/loader:1376:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1435:10)
    at Module.load (node:internal/modules/cjs/loader:1207:32)
    at Module._load (node:internal/modules/cjs/loader:1023:12)
    at Module.require (node:internal/modules/cjs/loader:1235:19) {
  code: 'MODULE_NOT_FOUND',
  requireStack: [
    'C:\\Users\\mc\\AppData\\Local\\pnpm\\global\\5\\.pnpm\\[email protected]\\node_modules\\openupm-cli\\lib\\cli.js',
    'C:\\Users\\mc\\AppData\\Local\\pnpm\\global\\5\\.pnpm\\[email protected]\\node_modules\\openupm-cli\\lib\\index.js'
  ]
}

Node.js v20.10.0

1. Create any empty project
2. add any dependence like: openupm add today.comes.saintsfield
3. remove it, like: openupm remove today.comes.saintsfield

Expected Behavior

When all dependencies removed, the item in scopedRegistries in Packages/manifest.json gets removed too:

"scopedRegistries": [
]

Actual Behavior

The registry of openupm is still there with empty scopes, and lead to error:

"scopedRegistries": [
  {
    "name": "package.openupm.com",
    "url": "https://package.openupm.com",
    "scopes": []
  }
]

Version

• openupm: 1.19.7
• Unity: 2022.2.0f1

I have Unity 2019.4.17f1

I'm trying to add a list of unity packages from a shell script:

I run the command openupm add com.unity.postprocessing
Response:
WARN editor.version requires 2019.4.19f1 but found 2019.4.17f1
notice suggest upgrade the editor to 2019.4.19f1, or run with option -f to ignore the warning

I also run the command openupm add com.unity.render-pipelines.universal
Response:
WARN editor.version requires 2020.2.3f1 but found 2019.4.17f1
notice suggest upgrade the editor to 2020.2.3f1, or run with option -f to ignore the warning

It seems like a bug to me that this cli tool wouldn't auto-select the most up-to-date version of the package that is valid for the current version of the unity editor. Much like how the UPM does so. At least those are my expectations.

Am I using this tool incorrectly? Am I missing an option in the CLI?

The -f option isn't working for me either because it installs the most up-to-date version of the package into the editor which isn't supported by my current version of the editor.

Also, this tool is amazing and it was great fun integrating it into my tooling for expedited project creation.
I hope this is an easy fix or I'm just doing something dumb!

Example endpoint

curl -s https://package.openupm.com/-/v1/search?text=littlebigfun&size=20&from=0&quality=0.65&popularity=0.98&maintenance=0.5

Results

{
  "objects": [
    {
      "package": {
        "name": "com.littlebigfun.action-sender",
        "displayName": "Unity Action Sender",
        "description": "A type-safe replacement to SendMessage.",
        "dist-tags": {
          "latest": "1.0.0"
        },
        "maintainers": [
          {
            "name": "openupm",
            "email": "openupm"
          }
        ],
        "author": {
          "name": "Favo Yang",
          "url": "https://github.com/favoyang"
        },
        "repository": {
          "type": "git",
          "url": "git+https://github.com/favoyang/unity-action-sender.git"
        },
        "readmeFilename": "README.md",
        "homepage": "https://github.com/favoyang/unity-action-sender#readme",
        "bugs": {
          "url": "https://github.com/favoyang/unity-action-sender/issues"
        },
        "license": "MIT",
        "time": {
          "modified": "2020-04-19T06:20:02.792Z"
        },
        "versions": {
          "1.0.0": "latest"
        }
      },
      "flags": {},
      "score": {
        "final": 1,
        "detail": {
          "quality": 1,
          "popularity": 1,
          "maintenance": 0
        }
      },
      "searchScore": 100000
    },
    {
      "package": {
        "name": "com.littlebigfun.addressable-importer",
        "displayName": "Unity Addressable Importer",
        "description": "A simple rule based addressable asset importer.",
        "dist-tags": {
          "latest": "0.8.1"
        },
        "maintainers": [
          {
            "name": "openupm",
            "email": "openupm"
          }
        ],
        "author": {
          "name": "Favo Yang",
          "url": "https://github.com/favoyang"
        },
        "repository": {
          "type": "git",
          "url": "git+https://github.com/favoyang/unity-addressable-importer.git"
        },
        "readmeFilename": "README.md",
        "homepage": "https://github.com/favoyang/unity-addressable-importer#readme",
        "bugs": {
          "url": "https://github.com/favoyang/unity-addressable-importer/issues"
        },
        "license": "MIT",
        "time": {
          "modified": "2020-07-06T15:47:34.319Z"
        },
        "versions": {
          "0.8.1": "latest"
        }
      },
      "flags": {
        "unstable": true
      },
      "score": {
        "final": 1,
        "detail": {
          "quality": 1,
          "popularity": 1,
          "maintenance": 0
        }
      },
      "searchScore": 100000
    }
  ],
  "total": 2,
  "time": "Sun, 26 Jul 2020 16:40:24 GMT"
}

I'm trying to set the registry to my localhost as I'm running Verdaccio locally.

But it fails and I basically get the --help result:

$ openupm --registry http://localhost:4873
Usage: openupm [options] [command]

Options:
  -V, --version                     output the version number
  -c, --chdir <path>                change the working directory
  -r, --registry <url>              specify registry url
  -v, --verbose                     output extra debugging
  --no-upstream                     don't use upstream unity registry
  -h, --help                        output usage information

Commands:
  add|install <pkg> [otherPkgs...]  add package to manifest json
                                    openupm add <pkg> [otherPkgs...]
                                    openupm add <pkg>@<version> [otherPkgs...]
  remove|rm <pkg> [otherPkgs...]    remove package from manifest json
  search|s <keyword>                Search package by keyword
  view|v <pkg>                      view package information
  deps|dep [options] <pkg>          view package dependencies
                                    openupm deps <pkg>
                                    openupm deps <pkg>@<version>

I modified the source in node_modules to my desired url and it works. Is this a bug or I'm missing something?

Thanks for all the work on openupm!

Describe the issue

openupm add pkg-name will only add the pkg into the scope registry, but not all dependencies. The command line too show scan all the dependencies and adding to scope registry if exist on openupm registry.

The auto-generated portions of the Readme, namely the contributors section, contains deprecated HTML elements. The resulting warnings were suppressed in a PR (#108), but since the HTML code is regenerated sometimes, we need a more permanent solution.

The first is, as was suggested by @favoyang here to disable HTML warnings for the whole Readme file.

Another is to find out if there is a way to configure the generated HTML code to not contain deprecated elements.

Bug report

Running openupm add org.khronos.unitygltf results in exceptions in the CLI.
Running with -f works fine and results in a working project.

See

• KhronosGroup/UnityGLTF#704

Bug category

• CLI

Steps to reproduce

• Make a project on Unity 2022.3
• Run openupm add org.khronos.unitygltf
• Note exceptions in the CLI about package resolution
• Run openupm add org.khronos.unitygltf -f and note it actually works fine

We've been using 10.0.0 as dependency forever, and Unity will always auto-upgrade older ShaderGraph versions to the correct built-in version actually available in each specific version of Unity.

What is expected?

No error in the openupm CLI, makes it look as if dependencies would be wrong in the package.

What is actually happening?

Exception in the CLI

Currently tests operate on examples. Parameterized or property-based tests could offer additional confidence.

There are property-based testing libraries for many languages including for TS.

Property-based tests would not replace all tests, as often examples are an effective and sufficient approach, but it could augment and improve the test suite.

I would be willing to work on this. Thoughts?

The core.ts module is pretty big and contains a variety of different common functionality. I would propose splitting this module into multiple smaller ones dedicated to specific data-types or workflows.

This way related code is kept together which makes it easier to find it.

This does not introduce any new functionality, but hopefully makes it easier to add new stuff in the future.

While converting the project to typescript I already did this for some functions such as splitPkgName which moved from core to a module for all functions related to package-names.

Thoughts?

Hey,

I am looking into openupm as an alternative package distribution for Unity. I am getting the following error when running the openupm-cli on a Mac (Apple-Sillicon).

node:internal/modules/cjs/loader:1222
  throw err;
  ^

Error: Cannot find module 'node-fetch'
Require stack:
- /usr/local/lib/node_modules/openupm-cli/lib/io/check-url.js
- /usr/local/lib/node_modules/openupm-cli/lib/cli/index.js
- /usr/local/lib/node_modules/openupm-cli/lib/index.js
    at Module._resolveFilename (node:internal/modules/cjs/loader:1219:15)
    at Module._load (node:internal/modules/cjs/loader:1045:27)
    at TracingChannel.traceSync (node:diagnostics_channel:315:14)
    at wrapModuleLoad (node:internal/modules/cjs/loader:215:24)
    at Module.require (node:internal/modules/cjs/loader:1304:12)
    at require (node:internal/modules/helpers:123:16)
    at Object.<anonymous> (/usr/local/lib/node_modules/openupm-cli/lib/io/check-url.js:7:38)
    at Module._compile (node:internal/modules/cjs/loader:1467:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1551:10)
    at Module.load (node:internal/modules/cjs/loader:1282:32) {
  code: 'MODULE_NOT_FOUND',
  requireStack: [
    '/usr/local/lib/node_modules/openupm-cli/lib/io/check-url.js',
    '/usr/local/lib/node_modules/openupm-cli/lib/cli/index.js',
    '/usr/local/lib/node_modules/openupm-cli/lib/index.js'
  ]
}

Node.js v22.4.1

I have tried to use openupm-cli with different versions of node:

• v18.20.4
• v20.15.1
• v22.4.1

All to the same result. Any ideas?

I will download the source code and try to take a look myself when I have some time.

Metamesh package is depend to com.unity.mathematics.
And Metamesh package is published on npmjs.com.

I get an error with the following command.

$ openupm add --registry https://registry.npmjs.com jp.keijiro.metamesh

WARN 404 package [email protected] is not a valid choice of 0.0.1-security
notice suggest to install [email protected] or a replaceable version manually
ERR! missing dependencies please resolve thie issue or run with option -f to ignore the warning

I can install with the -f option, but please refer to the com.unity registry without -f option.

openupm version: 1.15.4

Hey there. I've looked the documentation up and wanted to ask if the following is possible:

I want to install Package A from a private GitLab registry. I have setup the authentication, all is well. I specify the registry using the --registry option. The package is found.

Package A has a few dependencies. First Package B. This package is a official Unity package and so is found in the upstream. No problem. But Package A also depends on Package C which lives on OpenUpm. This fails because, to my understanding, if you specify a registry option, the given registry will replace the OpenUPM registry. Is this correct?

Would it instead be possible to prepend the registry given by --registry to the list of registries to search? So first search the custom registry, then OpenUPM and finally Unity.

I have a related question about if it would then be possible to store this custom registry in a config file somewhere so I don't have to add it every time.

I am open to attempting to introduce this change myself, I just wanted to ask first if this is already possible and I just missed it. Thanks :)

While working on more complex packument resolving logic, I came upon an open question, that I would like to open to discussion. That is concerning, which errors/infos should be printed to the user while resolving packuments.

Here are a few examples that I would like to get others opinions on. I provide the scenarios for the primary and upstream registry, but please imagine it for n registries, in the case that #49 is implemented.

Example 1

Scenario:

1. The primary registry is searched, but the packument is not found
2. The upstream registry is searched and the packument is found

Question:

Should the "Packument not found" error for the primary registry be logged? In my opinion, no, because it is overruled by the packument being found in the upstream registry.

Example 2

Scenario:

1. The primary registry is searched. The packument is found, but the requested version is missing.
2. The upstream registry is searched. The packument is found.

Question:

Should the user be informed that the packument was found in the primary registry?

Example 3

Scenario:

1. The primary registry is searched. The packument and version is found but incompatible for the current editor version.
2. The upstream registry is searched. The packument is not found.

Question:

Should the user be informed that the packument was found in the primary registry, or should it count as a "packument not found", since it was not found in the "last" registry.

The above examples can be generalized to: If I search n registries and the different registries match the query differently well (some don't contain the packument, some have it, but not the version, some are incompatible, etc.) how should this information be presented to the user? Should all issues be logged? Only the "most fixable"? Only the last?

I'm curious to hear your opinions :)

Not listed -f, --force option, openupm --help.

openupm version: 1.15.4

I got the following warnings (called vulnerabilities?) and wonder what to do about them. Is this something you'd have to fix? Can I simply update deprecated libraries or will this break openupm-cli?

C:\Windows\system32>npm install -g openupm-cli
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: request has been deprecated, see request/request#3142
npm WARN deprecated [email protected]: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)

added 294 packages, and audited 295 packages in 20s

19 packages are looking for funding
run npm fund for details

6 vulnerabilities (3 moderate, 2 high, 1 critical)

To address all issues (including breaking changes), run:
npm audit fix --force

Run npm audit for details.
npm notice
npm notice New minor version of npm available! 8.5.5 -> 8.9.0
npm notice Changelog: https://github.com/npm/cli/releases/tag/v8.9.0
npm notice Run npm install -g [email protected] to update!
npm notice