-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
npm install purescript
stuck
#12
Comments
Can you provide your node and npm version please? |
develop7@t-rex ~> node --version
v11.15.0
develop7@t-rex ~> npm --version
6.10.0
|
Same problem here, Ubuntu 18.04, node 12.6.0, npm 6.9.0. Installing version 0.13.0 works but installing 0.13.2 is stuck in the „Check if prebuilt ...“ step. |
This appears to be a bug in npm package load-from-cwd-or-npm v3.0.2, as it doesn't seem to resolve "request" anymore. You can work-around this by pinning it to 3.0.1 in your package.json: "dependencies": {
"purescript": "0.13.2",
"load-from-cwd-or-npm": "3.0.1"
} |
This drops the dependency on npm-cli-dir, load-from-cwd-or-npm, etc. It might fix #12.
This drops the dependency on npm-cli-dir, load-from-cwd-or-npm, etc. It might fix #12.
Oops, accidentally closed via a commit keyword. |
I've published a new release which vendors |
(Thanks @doolse for helping investigate!) |
Yes, it works again. Thanks for the fix! |
Great. Please open new issues if anything else arises. |
It turns out that this issue was deliberate sabotage. See https://harry.garrood.me/blog/malicious-code-in-purescript-npm-installer/ Thanks again to @doolse, whose investigation greatly helped in tracking this down. |
Repro:
Run
npm i -g purescript
Expected: successful installation
Instead: installer gets stuck forever on a
⠹ Check if a prebuilt 0.13.2 binary is provided for Linux
stepThe text was updated successfully, but these errors were encountered: