Sdílet prostřednictvím


Tutorial: How to use upstream sources

TFS 2018

Using upstream sources in your feed enables you to manage your application dependencies from a single feed. Using upstream sources makes it easy to consume packages from public registries while having protection against outages or compromised packages. You can also publish your own packages to the same feed and manage all your dependencies in one location.

This tutorial will walk you through how to enable upstream sources on your feed and consume packages from public registries such as NuGet.org or npmjs.com.

In this tutorial, you will:

  • Create a new feed and enable upstream sources.
  • Set up your configuration file.
  • Run an initial package restore to populate your feed.
  • Check your feed to view the saved copy of the packages you consumed from the public registry.

Create a feed and enable upstream sources

  1. Select Build & Release, and then select Packages.

    Screenshot showing how to navigate to Azure Artifacts - TFS.

  2. Select New Feed to create a new feed.

    Screenshot showing the create feed button - TFS.

  3. Give your feed a Name and a Description, and set up who can read and who can contribute. Make sure you check the Include external packages checkbox, and then select Create when you're done.

    A screenshot showing how to create a new feed window in TFS.

Set up the configuration file

Now that we created our feed, we need to update the config file to point to our feed. To do this we must:

  1. Get the source's URL
  2. Update the configuration file
  1. Select Build & Release > Packages, and then select Connect to Feed.

    Screenshot showing how to connect to a feed - TFS

  2. Copy the highlighted snippet to add it to your config file.

    Screenshot highlighting the snippet to be added to the config file - TFS

If you don't have a .npmrc file already, create a new one in the root of your project (in the same folder as your package.json). Open your new .npmrc file and paste the snippet you just copied in the previous step.

Restore packages

Now that you enabled upstream sources and set up your configuration file, we can run the package restore command to query the upstream source and retrieve the upstream packages.

Remove the node_modules folder from your project and run the following command in an elevated command prompt window:

npm install --force

Note

The --force argument will force pull remotes even if a local copy exists.

Your feed now should have a saved copy of any packages you installed from upstream.