npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

Tarball URLs on registry randomly switch from HTTPS to HTTP

As @haikoschol reported already for about two weeks now the dist tarball URLs for random packages switch from HTTPS to HTTP. The last one I found is typechecker 4.5.0 where the URL changed from to
This is weird behaviour of the registry, does someone know the rationale behind it?

Hmm, this seems like a duplicate of npm install downgrading resolved packages from https to http registry in package-lock.json.