The package-lock.json file inside sonarjs contains references to https://repox.jfrog.io/artifactory/api/npm registry instead of the standard npm registry.
As a result I get a following error when trying to install dependencies on my local
npm ERR! code E401
npm ERR! Incorrect or missing password.
npm ERR! If you were trying to login, change your password, create an
npm ERR! authentication token or enable two-factor authentication then
npm ERR! that means you likely typed your password in incorrectly.
npm ERR! Please try again, or recover your password at:
npm ERR! https://www.npmjs.com/forgot
npm ERR! If you were doing some other operation then your saved credentials are
npm ERR! probably out of date. To correct this please try logging in again with:
npm ERR! npm login
This makes it harder for ppl to contribute or run forks, workaround is removing package-lock.json and reinstalling, but it’s not ideal as even newer patch versions can break certain things potentially