ENOAUDIT occurs when npm audit cannot reach or is not supported by your configured registry. Use --registry flag to audit against the public npm registry or disable audit with --no-audit.
The ENOAUDIT error occurs when npm audit cannot reach or is not supported by your configured package registry. This typically happens when you're using a private, corporate, or alternative npm registry that doesn't implement the security audit API endpoint that npm expects. The error indicates that npm is trying to check your dependencies for known security vulnerabilities, but the registry you're pointing to either doesn't support this feature or the connection to the audit endpoint is failing. This is a configuration issue rather than a problem with your code or dependencies.
Add the official npm registry URL to your audit command to bypass your configured private registry:
npm audit --registry=https://registry.npmjs.org/Or for audit fix:
npm audit fix --registry=https://registry.npmjs.org/Ensure you're running the latest versions of npm and Node.js:
npm install -g npm@latestCheck your current version:
npm --version
node --versionDelete your package-lock.json and node_modules folder and reinstall:
rm package-lock.json
rm -rf node_modules
npm installThen run audit again:
npm auditVerify your .npmrc file to see which registry is configured:
cat ~/.npmrc
cat .npmrcIf it points to a private registry without audit support, use a dual-registry setup in .npmrc:
registry=https://registry.npmjs.org/
@mycompany:registry=https://my-private-registry.com/npm/If npm audit runs automatically during npm install and fails, disable it temporarily:
npm install --audit=falseThen manually run audit with the public registry:
npm audit --registry=https://registry.npmjs.org/You can also configure this in .npmrc:
audit=falseIf you're managing a private registry and need audit support:
For Artifactory: Modern versions support npm audit natively.
For Nexus/Verdaccio: These open-source registries may not support audit. Consider:
- Upgrading to a version with audit support
- Using an npm-audit-proxy to redirect audit calls to the public npm registry
- Using third-party tools like Snyk or JFrog Xray for vulnerability scanning
For enterprise environments using corporate proxies: ensure your HTTP proxy configuration supports the audit endpoint. The audit API requires HTTPS POST requests to /-/npm/v1/security/audits with JSON payloads. Some corporate proxies or firewalls may block this endpoint even if package installation works fine. The audit-ci tool offers --pass-enoaudit flag for CI/CD pipelines where audit endpoint support is unavailable, allowing builds to pass while still attempting audits.
npm notice access token expired or revoked. Please try logging in again.
Token has expired - npm authentication failure
npm ERR! code EAI_AGAIN
How to fix "EAI_AGAIN" in npm
npm error code E403 npm error 403 Forbidden - PUT https://registry.npmjs.org/<package>
How to fix 'E403 Forbidden' error in npm
npm ERR! code EUSAGE npm ERR! Usage error
How to fix "npm ERR! code EUSAGE" in Node.js projects
npm ERR! code E401 npm ERR! 401 Unauthorized
How to fix "E401 Unauthorized" in npm