New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Install Fails - left-pad@0.0.3 is no longer on npm #6595

Closed
kauffecup opened this Issue Mar 22, 2016 · 20 comments

Comments

Projects
None yet
@kauffecup
Copy link

kauffecup commented Mar 22, 2016

One of the dependencies in react-native (currently looking into which one - will post back here when I figure it out) depends on left-pad@0.0.3. 15 minutes ago (as of the writing of this issue) left-pad updated to 0.0.9 and they seem to have removed 0.0.3 from npm: https://www.npmjs.com/package/left-pad

This results in the following error when simply running npm i react-native:

npm ERR! No compatible version found: left-pad@0.0.3
npm ERR! Valid install targets:
npm ERR! 0.0.9

😞

@findmory

This comment has been minimized.

Copy link

findmory commented Mar 22, 2016

just to be clear this also means react-native init <projectName> fails as well

@Blackening999

This comment has been minimized.

Copy link

Blackening999 commented Mar 22, 2016

damn!!! the same issue but with Ember. Can't deploy to heroku anymore :(

@macavity23

This comment has been minimized.

Copy link

macavity23 commented Mar 22, 2016

@kauffecup Running into this issue w React 0.14, so it's something not specific to react-native

@findmory

This comment has been minimized.

Copy link

findmory commented Mar 22, 2016

Kinda ironic considering the entire package is:

module.exports = leftpad;

function leftpad (str, len, ch) {
  str = String(str);
  var i = -1;
  ch || (ch = ' ');
  len = len - str.length;

  while (++i < len) {
    str = ch + str;
  }

  return str;
}
@macavity23

This comment has been minimized.

Copy link

macavity23 commented Mar 22, 2016

Makes you wonder what was in versions 0.0.4-0.0.8...

@Blackening999

This comment has been minimized.

Copy link

Blackening999 commented Mar 22, 2016

Kinda ironic this thing isn't important at all... Very funny, string padding destroyed the whole infrastructure. LoL. Does someone tried to downgrade their npm version?

@redconfetti

This comment has been minimized.

Copy link

redconfetti commented Mar 22, 2016

It's such a simple library.

@dimitriwalters

This comment has been minimized.

Copy link

dimitriwalters commented Mar 22, 2016

This issue is also discussed here, but a workaround is to add this to your package.json:

"left-pad": "git://github.com/azer/left-pad.git#bff80e3ef0db0bfaba7698606c4f623433d14355"

@OllieJennings

This comment has been minimized.

Copy link

OllieJennings commented Mar 22, 2016

@dimitriwalters this should be fixed now by re-installing babel (make sure latest) if you are on version 6

@kauffecup

This comment has been minimized.

Copy link

kauffecup commented Mar 22, 2016

I ran npm-remote-ls react-native to print out the entire dependency tree... and it isn't in the resulting print. I'm not going to paste it here because it's massive, but run for yourself and see what I mean. It's fairly confusing.

@knpwrs

This comment has been minimized.

Copy link

knpwrs commented Mar 22, 2016

For everyone giving +1: https://github.com/blog/2119-add-reactions-to-pull-requests-issues-and-comments

[Note by @vjeux: I deleted all the +1 comments to make this issue easier to follow]

@bennidhamma

This comment has been minimized.

Copy link

bennidhamma commented Mar 22, 2016

npm install plus-one@0.0.3

npm ERR! No compatible version found: plus-one@0.0.3
npm ERR! Valid install targets:
npm ERR! 0.0.9
@DaveyEdwards

This comment has been minimized.

Copy link

DaveyEdwards commented Mar 22, 2016

Im getting this with react not react-native (If react has anything to do with the error). Just updated npm/node this morning and was going to update all my deps

@samwgoldman

This comment has been minimized.

Copy link
Member

samwgoldman commented Mar 22, 2016

@ide

This comment has been minimized.

Copy link
Collaborator

ide commented Mar 22, 2016

Tracing backwards through the dependencies, Babel indirectly depends on left-pad. So basically that guy broke a ton of the JS ecosystem by indirectly breaking Babel (people reading this -- take note, probably not the best idea).

Once Babel republishes their packages as either a patch or minor version update, npm will automatically get the latest version of Babel with the fix.

Shrinkwrap wouldn't have helped because the author outright deleted the package from npm, so there's not much we could have done in this situation other than to statically ship the dependencies with react-native. Perhaps npm will come up with a better story around this -- ex: making it so that packages stay up for 24 hours and print a big warning about a pending removal if you try to install an unpublished version.

@ghost

This comment has been minimized.

Copy link

ghost commented Mar 22, 2016

This is hilarious 😆 , but not. 😭

@msikma

This comment has been minimized.

Copy link

msikma commented Mar 22, 2016

User @azer mentions in his post that he would be glad to hand over ownership of a module—I'm assuming that means it's also OK to republish the module on NPM. Since this is such an extremely simple module, perhaps someone could take it over and republish 0.0.3? That might help lots of people avoid the extra work to fix this.

@kittens

This comment has been minimized.

Copy link
Member

kittens commented Mar 22, 2016

I've published Babel 6.7.2 and 5.8.38 to fix this. The ranges in package.json are fine but the shrinkwrap will need to be updated.

@the-kenny

This comment has been minimized.

Copy link

the-kenny commented Mar 22, 2016

FYI: The library in question fits in a tweet (https://twitter.com/the_kenny/status/712414574658588672). Maybe people should finally start to think about what deserves to be an external dependency and what not.

@vjeux

This comment has been minimized.

Copy link
Contributor

vjeux commented Mar 22, 2016

npm republished that version: https://twitter.com/seldo/status/712414400808755200

@kauffecup kauffecup closed this Mar 23, 2016

@facebook facebook locked as resolved and limited conversation to collaborators May 24, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.