search

TooTallNate / node-proxy-agent

Maps proxy protocols to `http.Agent` implementations
285 stars 69 forks source link

https-proxy-agent-snyk-fork not found, but is a dependecy of proxy-agent? #46

Closed NiteshOswal closed 4 years ago

NiteshOswal commented 4 years ago 
npm ERR! code E404
npm ERR! 404 Not Found - GET https://registry.npmjs.org/https-proxy-agent-snyk-fork - Not found
npm ERR! 404 
npm ERR! 404  'https-proxy-agent-snyk-fork@*' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404 It was specified as a dependency of 'proxy-agent'
npm ERR! 404 
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
Abutayar commented 4 years ago

facing the same issue

NiteshOswal commented 4 years ago

https://registry.npmjs.org/https-proxy-agent-snyk-fork Someone found the opportunity and grabbed it by its balls.

rjanas commented 4 years ago

it says: UNMET DEPENDENCY proxy-agent@file:../../../../travis/build/snyk/snyk/proxy-agent-3.1.0.tgz and it leads to https-proxy-agent-snyk-fork@git://github.com/snyk/node-https-proxy-agent.git#fix/https-agent-vuln

I guess that snyk guys (snyk.io) found some vulnerability and broke the lib

NiteshOswal commented 4 years ago

More like, the package was deleted from npm and someone claimed that package name

Abutayar commented 4 years ago

so now we can't use any package which depends on this

NiteshOswal commented 4 years ago

From a bit more digging into it, looks like it's the bundleDependencies key which is being respected.

{
  "name": "proxy-agent",
  "version": "3.1.0",
  "description": "Maps proxy protocols to `http.Agent` implementations",
  "main": "index.js",
  "scripts": {
    "test": "mocha --reporter spec"
  },
  "engines": {
    "node": ">=6"
  },
  "repository": {
    "type": "git",
    "url": "git://github.com/TooTallNate/node-proxy-agent.git"
  },
  "keywords": [
    "http",
    "https",
    "socks",
    "agent",
    "mapping",
    "proxy",
    "cache"
  ],
  "author": "Nathan Rajlich <nathan@tootallnate.net> (http://n8.io/)",
  "license": "MIT",
  "bugs": {
    "url": "https://github.com/TooTallNate/node-proxy-agent/issues"
  },
  "homepage": "https://github.com/TooTallNate/node-proxy-agent",
  "dependencies": {
    "agent-base": "^4.2.0",
    "debug": "^3.1.0",
    "http-proxy-agent": "^2.1.0",
    "lru-cache": "^4.1.2",
    "proxy-from-env": "^1.0.0",
    "socks-proxy-agent": "^4.0.1"
  },
  "devDependencies": {
    "@types/agent-base": "^4.2.0",
    "mocha": "^5.0.5",
    "proxy": "0.2.4",
    "socksv5": "0.0.6",
    "stream-to-buffer": "0.1.0"
  },
  "bundleDependencies": [
    "https-proxy-agent-snyk-fork",
    "pac-proxy-agent"
  ]
}
Abutayar commented 4 years ago

@NiteshOswal have anyone open the issue https-proxy-agent-snyk-fork or there is no one maintaining it because was not able to find any repro for the same

Abutayar commented 4 years ago

the issue has been fixed https://github.com/snyk/snyk/issues/796