New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
@ sign in npm package-names leads to an exception #4412
Comments
bump |
Hello, I am having the same problem, any ideas on what to do to solve this? |
Hello, I have not been able to reproduce your issue. By loading both provided files into a test (as per cb59ad1), I observe an HTTP 200 response from the node audit API. Do you still observe this issue? If yes, do you observe this issue every time? If you clone the repo, checkout the commit and perform an On my side: $ node --version
v18.7.0
$ npm --version
8.15.0 |
Describe the bug
When using dependency check on a package.json and package-lock.json file with a depdency with a @-sign in its name like https://www.npmjs.com/package/@emotion/react
package.json
Gives:
I get a successful run if I remove all packages starting with @ or when I use an older node that generates a package-lock.json using version 1.
Version of dependency-check used
Using dependency-check-maven 7.1.0.
Package-lock.json is generated with node v18.0.0
Log file
Full package.json: https://gist.github.com/profTwinglings/51d7dbff3abe771c8ece98659fdbf101
package-lock.json: https://gist.github.com/profTwinglings/fadc6d506b4984245dac0feae9a6ebbe
older package-lock.json with node v14: https://gist.github.com/profTwinglings/ff06bb025fcb7cfaedf6350f9f537ee8
To Reproduce
Run dependency check maven with a package.json that has a package with @ in its name:
Expected behavior
Successful scan
The text was updated successfully, but these errors were encountered: