fetch failed: unable to verify the first certificate

Node cannot verify the TLS chain — usually a corporate MITM proxy. 1. Point to CA bundle: `NODE_EXTRA_CA_CERTS=/path/to/corp-ca.pem node ...`. 2. NPM registry SSL issues: `npm config set cafile /path/to/corp-ca.pem`. 3. NEVER use `NODE_TLS_REJECT_UNAUTHORIZED=0` outside of local debugging.