New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bower register https/ssh fails #4

Closed
sindresorhus opened this Issue Oct 17, 2012 · 27 comments

Comments

Projects
None yet
@sindresorhus
Member

sindresorhus commented Oct 17, 2012

When trying to register a package using an https url, Bower fails with a generic error message.

bower register screenfull https://github.com/sindresorhus/screenfull.js.git
bower error Incorrect format

This works fine however:

bower register screenfull git://github.com/sindresorhus/screenfull.js.git
registered screenfull to git://github.com/sindresorhus/screenfull.js.git

Sidenote: The error message is not very descriptive either, at first I thought it was the package

@asbjornenge

This comment has been minimized.

Show comment
Hide comment
@asbjornenge

asbjornenge Mar 27, 2013

Since this hasn't been fixed for 5 month's I hope it's a bit more severe than just fixing the regexp in validate? :-P

def validate
  super
  errors.add(:url, 'is not correct format') if url !~ /^git:\/\//
end

asbjornenge commented Mar 27, 2013

Since this hasn't been fixed for 5 month's I hope it's a bit more severe than just fixing the regexp in validate? :-P

def validate
  super
  errors.add(:url, 'is not correct format') if url !~ /^git:\/\//
end
@sindresorhus

This comment has been minimized.

Show comment
Hide comment
@sindresorhus

sindresorhus Mar 27, 2013

Member

That should do it.

Member

sindresorhus commented Mar 27, 2013

That should do it.

@benschwarz

This comment has been minimized.

Show comment
Hide comment
@benschwarz

benschwarz Jun 29, 2013

Member

Can we also include "a better error message" as part of the scope of this?

"Please use git:// or https:// urls" would be a huge improvement.

Member

benschwarz commented Jun 29, 2013

Can we also include "a better error message" as part of the scope of this?

"Please use git:// or https:// urls" would be a huge improvement.

@satazor

This comment has been minimized.

Show comment
Hide comment
@satazor

satazor Aug 4, 2013

Member

The ssh and https protocols can reference public and private repositories. One cannot simply allow registration without actually attempting to fetch them. If it fails with an authentication failure it means it's private. Otherwise it's public. @danheberden perhaps we need to include this in the server rewrite.

Member

satazor commented Aug 4, 2013

The ssh and https protocols can reference public and private repositories. One cannot simply allow registration without actually attempting to fetch them. If it fails with an authentication failure it means it's private. Otherwise it's public. @danheberden perhaps we need to include this in the server rewrite.

@seancurtis

This comment has been minimized.

Show comment
Hide comment
@seancurtis

seancurtis Dec 29, 2013

@danheberden @satazor is there any eta on when this will be fixed? I have a package on Bitbucket I want to register but am unable to because of this bug :(

seancurtis commented Dec 29, 2013

@danheberden @satazor is there any eta on when this will be fixed? I have a package on Bitbucket I want to register but am unable to because of this bug :(

@mingos777

This comment has been minimized.

Show comment
Hide comment
@mingos777

mingos777 Jan 29, 2014

@seancurtis Welcome to the club :/

mingos777 commented Jan 29, 2014

@seancurtis Welcome to the club :/

@seancurtis

This comment has been minimized.

Show comment
Hide comment
@seancurtis

seancurtis Apr 28, 2014

@danheberden @benschwarz @satazor is there an update on this? I'd really love to be able to publish my Fancy File Input (https://bitbucket.org/atlassianlabs/fancy-file-input/) component to Bower.

seancurtis commented Apr 28, 2014

@danheberden @benschwarz @satazor is there an update on this? I'd really love to be able to publish my Fancy File Input (https://bitbucket.org/atlassianlabs/fancy-file-input/) component to Bower.

@benschwarz

This comment has been minimized.

Show comment
Hide comment
@benschwarz

benschwarz Apr 28, 2014

Member

@sheerun any thoughts on how bitbucket repos play into auth?

Member

benschwarz commented Apr 28, 2014

@sheerun any thoughts on how bitbucket repos play into auth?

@sheerun

This comment has been minimized.

Show comment
Hide comment
@sheerun

sheerun Apr 28, 2014

Contributor

They apparently don't support git:// prefix, and when trying to register https:// version I get:

bower register fancy-file-input https://bitbucket.org/atlassianlabs/fancy-file-input.git
bower                       EINVFORMAT The registry only accepts URLs starting with git://

Why not allow https urls?

Contributor

sheerun commented Apr 28, 2014

They apparently don't support git:// prefix, and when trying to register https:// version I get:

bower register fancy-file-input https://bitbucket.org/atlassianlabs/fancy-file-input.git
bower                       EINVFORMAT The registry only accepts URLs starting with git://

Why not allow https urls?

@ikari-pl

This comment has been minimized.

Show comment
Hide comment
@ikari-pl

ikari-pl Apr 29, 2014

So... we're never gonna be able to register a bitbucket public repo?

ikari-pl commented Apr 29, 2014

So... we're never gonna be able to register a bitbucket public repo?

@JasonBerry

This comment has been minimized.

Show comment
Hide comment
@JasonBerry

JasonBerry Apr 30, 2014

… or any other host that doesn't support the Git protocol.

JasonBerry commented Apr 30, 2014

… or any other host that doesn't support the Git protocol.

@cheshrkat

This comment has been minimized.

Show comment
Hide comment
@cheshrkat

cheshrkat May 7, 2014

Just adding a +1 to supporting hosts-other-than-github ;)

cheshrkat commented May 7, 2014

Just adding a +1 to supporting hosts-other-than-github ;)

@haukurmar

This comment has been minimized.

Show comment
Hide comment
@haukurmar

haukurmar May 14, 2014

I agree, I am in the same boat here, I want to register my Bitbucket repos.

Is there any reason bower shouldn't support https?

If not can someone please fix this? :)

haukurmar commented May 14, 2014

I agree, I am in the same boat here, I want to register my Bitbucket repos.

Is there any reason bower shouldn't support https?

If not can someone please fix this? :)

@kode4food

This comment has been minimized.

Show comment
Hide comment
@kode4food

kode4food Jun 1, 2014

I'm in the same boat. My project is hosted on bitbucket and I have no interest in migrating it over to github. If the git CLI can access my repo, why shouldn't bower also be able to? Fix it, please

kode4food commented Jun 1, 2014

I'm in the same boat. My project is hosted on bitbucket and I have no interest in migrating it over to github. If the git CLI can access my repo, why shouldn't bower also be able to? Fix it, please

@kode4food

This comment has been minimized.

Show comment
Hide comment
@kode4food

kode4food Jun 1, 2014

I was able to bypass the problem by adding:

[url "https://"]   
    insteadOf = git://

to my ~/.gitconfig file. At least I think it worked for publishing

Of course, it doesn't help people trying to actually 'retrieve' the package. Unless they've done the same

kode4food commented Jun 1, 2014

I was able to bypass the problem by adding:

[url "https://"]   
    insteadOf = git://

to my ~/.gitconfig file. At least I think it worked for publishing

Of course, it doesn't help people trying to actually 'retrieve' the package. Unless they've done the same

@benschwarz

This comment has been minimized.

Show comment
Hide comment
@benschwarz

benschwarz Jun 1, 2014

Member

@kode4food "Fix it, please" is only going to make project maintainers want to shoot this issue to the moon.

@sheerun As far as I'm aware, https protocol is disabled because we use --depth 1 and github enterprise/https has issues.

It'd be good to recover from shallow clone errors and use a full clone… Thoughts?

Member

benschwarz commented Jun 1, 2014

@kode4food "Fix it, please" is only going to make project maintainers want to shoot this issue to the moon.

@sheerun As far as I'm aware, https protocol is disabled because we use --depth 1 and github enterprise/https has issues.

It'd be good to recover from shallow clone errors and use a full clone… Thoughts?

@kode4food

This comment has been minimized.

Show comment
Hide comment
@kode4food

kode4food Jun 1, 2014

Was 'please' not the right word? Seems not very different than "If not can someone please fix this? :)" Should I have added a smiley face?

kode4food commented Jun 1, 2014

Was 'please' not the right word? Seems not very different than "If not can someone please fix this? :)" Should I have added a smiley face?

@gerbsen

This comment has been minimized.

Show comment
Hide comment
@gerbsen

gerbsen Jun 19, 2014

Hey, any updates? I would really like to publish my bower component from my bitbucket repository :( 👍

gerbsen commented Jun 19, 2014

Hey, any updates? I would really like to publish my bower component from my bitbucket repository :( 👍

@sheerun

This comment has been minimized.

Show comment
Hide comment
@sheerun

sheerun Jun 19, 2014

Contributor

I guess we can implement this in 1.4.x and disable --depth for https repositories.

PR is welcome.

Contributor

sheerun commented Jun 19, 2014

I guess we can implement this in 1.4.x and disable --depth for https repositories.

PR is welcome.

@kode4food

This comment has been minimized.

Show comment
Hide comment
@kode4food

kode4food Jun 19, 2014

@sheerun that would be fantastic, thanks!

kode4food commented Jun 19, 2014

@sheerun that would be fantastic, thanks!

@dgieselaar

This comment has been minimized.

Show comment
Hide comment
@dgieselaar

dgieselaar Jun 20, 2014

In the meantime, is there a workaround?

dgieselaar commented Jun 20, 2014

In the meantime, is there a workaround?

@sheerun

This comment has been minimized.

Show comment
Hide comment
@sheerun

sheerun Jun 20, 2014

Contributor

You can put repo url as dependency version.

{
  "dependencies": {
    "foo": "https://bitbucket.org/foo/foo.git#1.2.3"
  }
}

or something like that.

Contributor

sheerun commented Jun 20, 2014

You can put repo url as dependency version.

{
  "dependencies": {
    "foo": "https://bitbucket.org/foo/foo.git#1.2.3"
  }
}

or something like that.

@dgieselaar

This comment has been minimized.

Show comment
Hide comment
@dgieselaar

dgieselaar Jun 20, 2014

@sheerun thanks!

edit: never mind, unable to get that to work. @kode4food Have you been able to register a bower component with just that in your .gitignore file? How does the register command look?

dgieselaar commented Jun 20, 2014

@sheerun thanks!

edit: never mind, unable to get that to work. @kode4food Have you been able to register a bower component with just that in your .gitignore file? How does the register command look?

@kode4food

This comment has been minimized.

Show comment
Hide comment
@kode4food

kode4food Jul 8, 2014

@plestik Can't remember the command, but I believe I was registering it like "bower register interpol git://..." The registration works, but users would have to make the same .gitconfig change in order to retrieve the package. So it really didn't solve the problem.

kode4food commented Jul 8, 2014

@plestik Can't remember the command, but I believe I was registering it like "bower register interpol git://..." The registration works, but users would have to make the same .gitconfig change in order to retrieve the package. So it really didn't solve the problem.

@satazor

This comment has been minimized.

Show comment
Hide comment
@satazor

satazor Jul 11, 2014

Member

As I said earlier, the problem is not the --depth (that is a whole separate issue). The issue is that we must ensure the repo you are trying to register is public. The git:// protocol is public only, while https or ssh can point to both public and private. To allow other protocols, we must ensure that we are able to fetch them without auth. This must be done in the bower/registry server.

@sheerun please don't simply remove the constraint without actually doing the validation I'm mentioning above, otherwise we will have a complete mess of other issues.

Member

satazor commented Jul 11, 2014

As I said earlier, the problem is not the --depth (that is a whole separate issue). The issue is that we must ensure the repo you are trying to register is public. The git:// protocol is public only, while https or ssh can point to both public and private. To allow other protocols, we must ensure that we are able to fetch them without auth. This must be done in the bower/registry server.

@sheerun please don't simply remove the constraint without actually doing the validation I'm mentioning above, otherwise we will have a complete mess of other issues.

@kumar303

This comment has been minimized.

Show comment
Hide comment
@kumar303

kumar303 Sep 2, 2014

I was seeing this error and finally found out the problem was that I was trying to register the package as FxPay when my git URL was in lower case as fxpay. When I changed everything to lower case it worked.

kumar303 commented Sep 2, 2014

I was seeing this error and finally found out the problem was that I was trying to register the package as FxPay when my git URL was in lower case as fxpay. When I changed everything to lower case it worked.

@rayshan

This comment has been minimized.

Show comment
Hide comment
@rayshan

rayshan Sep 4, 2014

Member

@kumar303 b/c spec says lowercase only, however we need better error messages

Member

rayshan commented Sep 4, 2014

@kumar303 b/c spec says lowercase only, however we need better error messages

kentwills added a commit to kentwills/registry that referenced this issue Sep 29, 2015

kentwills added a commit to kentwills/registry that referenced this issue Sep 29, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment