What does npm:E422 mean?

npm received HTTP 422 because the publish payload was semantically invalid, such as bad metadata, malformed tarball data, or invalid package state.

How do I prevent npm:E422 in CI?

Automate version bumps as part of release workflow. Keep registry routing explicit for scoped packages. Validate package contents with `npm pack` before publishing.

How can I manually validate npm:E422?

Preview what will be published: `npm pack --dry-run` (or `npm pack` and inspect the tarball). Confirm effective registry: `npm config get registry`.

npm ERR! code E422

Fix it fast

Most likely: The registry understood the publish request but rejected the package payload or metadata, usually because package.json, package name, version, files, or tarball contents are invalid.

1. Confirm this is your error

npm ERR! code E422
npm ERR! 422 Unprocessable Entity - PUT https://registry.npmjs.org/npm-sync - Unprocessable Entity

2. Check the cause

npm config get registry
npm pack --dry-run
npm pkg get name version files
npm publish --dry-run

3. Apply the safe fix

# Fix invalid package metadata or package contents, then re-pack before publishing.
npm pack --dry-run
npm publish --dry-run
npm publish --registry <registry>

4. Verify it works

npm pack --dry-run
npm publish --dry-run
npm view <package>@<version> --registry <registry>

Don't use unsafe shortcuts

Do not confuse E422 with E409, E422 is usually invalid payload or metadata, not just an existing version.
Do not publish before inspecting what npm pack --dry-run includes.
Do not ignore registry-specific package name, scope, or metadata rules.

What This Error Means

Read this as a precise clue about which part of the workflow broke first. Once you know the failing layer, the fix path gets much shorter.

How to Fix It

Check which registry npm is using:npm config get registry

If the package is scoped, verify scope registry mapping in .npmrc (example: @your-scope:registry=...).

Validate package.json fields (name, version, files) and ensure the package packs correctly: npm pack.

Check for invalid semver or forbidden characters in the package name.

Why It Happens

Usually this comes down to the version is already published (most common), the package metadata is invalid or violates registry policy, or you are publishing to the wrong registry or scope.

Verify the Fix

Run npm view <pkg>@<version> and confirm the new version exists after publish, and re-run publish and confirm the registry accepts it.

Manual validation checklist

Preview what will be published with npm pack --dry-run (or npm pack and inspect the tarball), and confirm effective registry with npm config get registry.

How npm surfaces this error

Registries treat versions as immutable. A version conflict is an expected protection. Invalid package metadata causes publish validation errors.

Prevent It From Coming Back

To prevent this, automate version bumps as part of release workflow, keep registry routing explicit for scoped packages, and validate package contents with npm pack before publishing.

Docs and source code

github.com/npm/cli/blob/417daa72b09c5129e7390cd12743ef31bf3ddb83/lib/utils/ping.js

This is a registry request path. Many resolution/publish errors happen while fetching or publishing package metadata to the registry. - GitHub

// used by the ping and doctor commands
const npmFetch = require('npm-registry-fetch')
module.exports = async (flatOptions) => {
  const res = await npmFetch('/-/ping', { ...flatOptions, cache: false })
  return res.json().catch(() => ({}))
}