mirror of
https://github.com/oven-sh/bun
synced 2026-02-10 02:48:50 +00:00
1800093a64
## Summary - Fixed `bun install --frozen-lockfile` to use scope-specific registry for scoped packages when the lockfile has an empty registry URL When parsing a `bun.lock` file with an empty registry URL for a scoped package (like `@example/test-package`), bun was unconditionally using the default npm registry (`https://registry.npmjs.org/`) instead of looking up the scope-specific registry from `bunfig.toml`. For example, with this configuration in `bunfig.toml`: ```toml [install.scopes] example = { url = "https://npm.pkg.github.com" } ``` And this lockfile entry with an empty registry URL: ```json "@example/test-package": ["@example/test-package@1.0.0", "", {}, "sha512-AAAA"] ``` bun would try to fetch from `https://registry.npmjs.org/@example/test-package/-/...` instead of `https://npm.pkg.github.com/@example/test-package/-/...`. The fix uses `manager.scopeForPackageName()` (the same pattern used in `pnpm.zig`) to look up the correct scope-specific registry URL. ## Test plan - [x] Added regression test `test/regression/issue/026039.test.ts` that verifies: - Scoped packages use the scope-specific registry from `bunfig.toml` - Non-scoped packages continue to use the default registry - [x] Verified test fails with system bun (without fix) and passes with debug build (with fix) Fixes #26039 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude Bot <claude-bot@bun.sh> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com> Co-authored-by: Jarred Sumner <jarred@jarredsumner.com>