New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Odd permissions in the package tar.gz file as published to NPM #52
Comments
See also Tar module issue #7. |
+1 for this issue. I see this too. cannot install hogan by npm-install :( |
Is this going to be fixed? Seems pretty straightforward. |
Should be fixed as of Hogan 2.0.0 on March 13 |
But hogan 2.0.0 is not on NPM yet - only hogan-1.0.5-dev is there, so I vote for reopening. |
http://search.npmjs.org/#/hogan.js shows 2.0.0 for me |
Oh, there are 2 packages: http://search.npmjs.org/#/hogan shows 1.0.5-dev. |
Sometime between node-0.6.8 and node-0.6.11, the way NPM untars package files seems to have changed, and I believe this has revealed a latent problem with Hogan's package tar.gz file as published to the NPM registry.
In particular, none of the directories in the archive seem to have the execute permission flag set, which means that, once unpacked, it is impossible to actually read their contents (without altering the permission flags). This didn't bug the old NPM, but the current one will complain when attempting to install Hogan, along these lines:
If you download, untar, and inspect the package file, you can see what's up:
I'd expect all the directories to show up as
drwxrwxr-x
, which is what you'll see in pretty much every other NPM package (or tarball in general for that matter).The text was updated successfully, but these errors were encountered: