Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Errors with and without npm when auditing npm:astro #70

Open
woodruffw opened this issue Jun 29, 2022 · 1 comment
Open

Errors with and without npm when auditing npm:astro #70

woodruffw opened this issue Jun 29, 2022 · 1 comment
Labels
bug Something isn't working

Comments

@woodruffw
Copy link
Member

Reported by @ran-dall on the OpenSSF Slack:

# it-depends npm:astro
Traceback (most recent call last):                             
  File "/usr/local/bin/it-depends", line 33, in <module>
    sys.exit(load_entry_point('it-depends', 'console_scripts', 'it-depends')())
  File "/it-depends/it_depends/cli.py", line 244, in main
    package_list = resolve(
  File "/it-depends/it_depends/dependencies.py", line 1045, in resolve
    result = finished.result()
  File "/usr/lib64/python3.10/concurrent/futures/_base.py", line 439, in result
    return self.__get_result()
  File "/usr/lib64/python3.10/concurrent/futures/_base.py", line 391, in __get_result
    raise self._exception
  File "/usr/lib64/python3.10/concurrent/futures/thread.py", line 58, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/it-depends/it_depends/dependencies.py", line 826, in _process_dep
    return _DependencyResult(dep=dep, packages=list(dep.resolver.resolve(dep)), depth=depth)
  File "/it-depends/it_depends/npm.py", line 87, in resolve
    output = subprocess.check_output(
  File "/usr/lib64/python3.10/subprocess.py", line 420, in check_output
    return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
  File "/usr/lib64/python3.10/subprocess.py", line 501, in run
    with Popen(*popenargs, **kwargs) as process:
  File "/usr/lib64/python3.10/subprocess.py", line 969, in __init__
    self._execute_child(args, executable, preexec_fn, close_fds,
  File "/usr/lib64/python3.10/subprocess.py", line 1845, in _execute_child
    raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'npm'

and then, with npm installed:

# it-depends npm:astro
resolving npm:astro@*: 0 dependencies [00:00, ? dependencies/s]npm notice 
npm notice New minor version of npm available! 8.3.1 -> 8.13.1
npm notice Changelog: https://github.com/npm/cli/releases/tag/v8.13.1
npm notice Run npm install -g npm@8.13.1 to update!
npm notice 
Version string lacks a numerical component: "l/generator': '^7.13.9',"

I haven't root caused this yet; the former might be a documentation or discovery problem on our end and the latter is possibly a breakage in npm's contract.
@woodruffw woodruffw added the bug Something isn't working label Jun 29, 2022
@woodruffw
Copy link
Member Author

The latter looks like a dupe of #65.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@woodruffw