WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Errors with and without npm when auditing npm:astro #70

New issue
New issue
Open
Open
Errors with and without npm when auditing npm:astro#70
Labels
bugSomething isn't working
@woodruffw

Description

@woodruffw
woodruffw
opened on Jun 29, 2022

Reported by @ran-dall on the OpenSSF Slack:

# it-depends npm:astro
Traceback (most recent call last):                             
  File "/usr/local/bin/it-depends", line 33, in <module>
    sys.exit(load_entry_point('it-depends', 'console_scripts', 'it-depends')())
  File "/it-depends/it_depends/cli.py", line 244, in main
    package_list = resolve(
  File "/it-depends/it_depends/dependencies.py", line 1045, in resolve
    result = finished.result()
  File "/usr/lib64/python3.10/concurrent/futures/_base.py", line 439, in result
    return self.__get_result()
  File "/usr/lib64/python3.10/concurrent/futures/_base.py", line 391, in __get_result
    raise self._exception
  File "/usr/lib64/python3.10/concurrent/futures/thread.py", line 58, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/it-depends/it_depends/dependencies.py", line 826, in _process_dep
    return _DependencyResult(dep=dep, packages=list(dep.resolver.resolve(dep)), depth=depth)
  File "/it-depends/it_depends/npm.py", line 87, in resolve
    output = subprocess.check_output(
  File "/usr/lib64/python3.10/subprocess.py", line 420, in check_output
    return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
  File "/usr/lib64/python3.10/subprocess.py", line 501, in run
    with Popen(*popenargs, **kwargs) as process:
  File "/usr/lib64/python3.10/subprocess.py", line 969, in __init__
    self._execute_child(args, executable, preexec_fn, close_fds,
  File "/usr/lib64/python3.10/subprocess.py", line 1845, in _execute_child
    raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'npm'

and then, with npm installed:

# it-depends npm:astro
resolving npm:astro@*: 0 dependencies [00:00, ? dependencies/s]npm notice 
npm notice New minor version of npm available! 8.3.1 -> 8.13.1
npm notice Changelog: https://github.com/npm/cli/releases/tag/v8.13.1
npm notice Run npm install -g [email protected] to update!
npm notice 
Version string lacks a numerical component: "l/generator': '^7.13.9',"

I haven't root caused this yet; the former might be a documentation or discovery problem on our end and the latter is possibly a breakage in npm's contract.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions