search

auth0 / repo-supervisor

Scan your code for security misconfiguration, search for passwords and secrets. :mag:
MIT License
637 stars 88 forks source link

Update lockfile #62

Closed blimmer closed 4 years ago

blimmer commented 4 years ago

By submitting a PR to this repository, you agree to the terms within the Auth0 Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

Describe the purpose of this PR along with any background information and the impacts of the proposed change. For the benefit of the community, please do not assume prior context.

Provide details that support your chosen implementation, including: breaking changes, alternatives considered, changes to the API, etc.

If the UI is being changed, please provide screenshots.

When the dependencies were updated with https://github.com/auth0/repo-supervisor/commit/62ec285bc4202c57e2ca2cc4180b42317f7a20ac , it looks like the lockfile was not updated and committed.

I ran npm ci (per the README) and got this error:

npm WARN prepare removing existing node_modules/ before installation

> fsevents@1.2.13 install /code/repo-supervisor/node_modules/watchpack-chokidar2/node_modules/fsevents
> node install.js

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'nan'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at [eval]:1:1
    at Script.runInThisContext (vm.js:122:20)
    at Object.runInThisContext (vm.js:329:38)
    at Object.<anonymous> ([eval]-wrapper:6:22)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at evalScript (internal/bootstrap/node.js:590:27)
gyp: Call to 'node -e "require('nan')"' returned exit status 1 while in binding.gyp. while trying to load binding.gyp
gyp ERR! configure error
gyp ERR! stack Error: `gyp` failed with exit code: 1
gyp ERR! stack     at ChildProcess.onCpExit (/home/me/.asdf/installs/nodejs/10.22.0/lib/node_modules/npm/node_modules/node-gyp/lib/configure.js:351:16)
gyp ERR! stack     at ChildProcess.emit (events.js:198:13)
gyp ERR! stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:248:12)
gyp ERR! System Darwin 19.6.0
gyp ERR! command "/home/me/.asdf/installs/nodejs/10.22.0/bin/node" "/home/me/.asdf/installs/nodejs/10.22.0/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /code/repo-supervisor/node_modules/watchpack-chokidar2/node_modules/fsevents
gyp ERR! node -v v10.22.0
gyp ERR! node-gyp -v v5.1.0
gyp ERR! not ok
added 693 packages in 3.755si

When I ran npm i, I saw that the lockfile was updated and things started working (cc @radekk)

Testing

Describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.

Please include any manual steps for testing end-to-end or functionality not covered by unit/integration tests.

Also include details of the environment this PR was developed in (language/platform/browser version).

Run npm ci on the master branch and observe the error described above. Run npm ci on this branch and see it's fixed.

radekk commented 4 years ago

Hi @blimmer , thank you for the report. What version of npm and node are you using?

I tested a master branch on my dev environment and it seems to be working without any issues. These are my env details:

node -v
v10.18.1

npm -v
6.14.8

Please check if this update package-lock.json file did change anything for you. It's a separate branch: https://github.com/auth0/repo-supervisor/tree/update-lock-file

Thanks and please let me know if that works.

blimmer commented 4 years ago

Hey @radekk - here's my env info:

node -v
v10.22.0

npm -v
6.14.8

Indeed, I still get this error on your branch:

npm ci
npm WARN prepare removing existing node_modules/ before installation

> fsevents@1.2.13 install /Users/blimmer/code/secrets-scan/repo-supervisor/node_modules/watchpack-chokidar2/node_modules/fsevents
> node install.js

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'nan'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at [eval]:1:1
    at Script.runInThisContext (vm.js:122:20)
    at Object.runInThisContext (vm.js:329:38)
    at Object.<anonymous> ([eval]-wrapper:6:22)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at evalScript (internal/bootstrap/node.js:590:27)
gyp: Call to 'node -e "require('nan')"' returned exit status 1 while in binding.gyp. while trying to load binding.gyp
gyp ERR! configure error
gyp ERR! stack Error: `gyp` failed with exit code: 1
gyp ERR! stack     at ChildProcess.onCpExit (/Users/blimmer/.asdf/installs/nodejs/10.22.0/.npm/lib/node_modules/npm/node_modules/node-gyp/lib/configure.js:351:16)
gyp ERR! stack     at ChildProcess.emit (events.js:198:13)
gyp ERR! stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:248:12)
gyp ERR! System Darwin 19.6.0
gyp ERR! command "/Users/blimmer/.asdf/installs/nodejs/10.22.0/bin/node" "/Users/blimmer/.asdf/installs/nodejs/10.22.0/.npm/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /Users/blimmer/code/secrets-scan/repo-supervisor/node_modules/watchpack-chokidar2/node_modules/fsevents
gyp ERR! node -v v10.22.0
gyp ERR! node-gyp -v v5.1.0
gyp ERR! not ok
added 708 packages in 3.606s
blimmer commented 4 years ago 
> docker run -it --rm --entrypoint sh node:10
# git clone https://github.com/auth0/repo-supervisor.git
Cloning into 'repo-supervisor'...
remote: Enumerating objects: 78, done.
remote: Counting objects: 100% (78/78), done.
remote: Compressing objects: 100% (72/72), done.
remote: Total 646 (delta 54), reused 10 (delta 4), pack-reused 568
Receiving objects: 100% (646/646), 1.04 MiB | 0 bytes/s, done.
Resolving deltas: 100% (280/280), done.
# cd repo-supervisor
# npm ci

> fsevents@1.2.13 install /repo-supervisor/node_modules/watchpack-chokidar2/node_modules/fsevents
> node install.js

Skipping 'fsevents' build as platform linux is not supported
added 693 packages in 6.666s

Interestingly, this does pass on a docker container. However, the fsevents package only installs on macOS, so maybe the difference is related to which OS we're using? I originally reported the issue on macOS.

radekk commented 4 years ago

@blimmer could you try to run npm ci --no-optional instead of npm ci? Let me know if that changed anything.

blimmer commented 4 years ago

Same failure with that flag:

npm ci --no-optional
npm WARN prepare removing existing node_modules/ before installation

> fsevents@1.2.13 install /Users/blimmer/code/secrets-scan/repo-supervisor/node_modules/watchpack-chokidar2/node_modules/fsevents
> node install.js

internal/modules/cjs/loader.js:638
    throw err;
    ^

Error: Cannot find module 'nan'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at [eval]:1:1
    at Script.runInThisContext (vm.js:122:20)
    at Object.runInThisContext (vm.js:329:38)
    at Object.<anonymous> ([eval]-wrapper:6:22)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at evalScript (internal/bootstrap/node.js:590:27)
gyp: Call to 'node -e "require('nan')"' returned exit status 1 while in binding.gyp. while trying to load binding.gyp
gyp ERR! configure error
gyp ERR! stack Error: `gyp` failed with exit code: 1
gyp ERR! stack     at ChildProcess.onCpExit (/Users/blimmer/.asdf/installs/nodejs/10.22.0/.npm/lib/node_modules/npm/node_modules/node-gyp/lib/configure.js:351:16)
gyp ERR! stack     at ChildProcess.emit (events.js:198:13)
gyp ERR! stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:248:12)
gyp ERR! System Darwin 19.6.0
gyp ERR! command "/Users/blimmer/.asdf/installs/nodejs/10.22.0/bin/node" "/Users/blimmer/.asdf/installs/nodejs/10.22.0/.npm/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /Users/blimmer/code/secrets-scan/repo-supervisor/node_modules/watchpack-chokidar2/node_modules/fsevents
gyp ERR! node -v v10.22.0
gyp ERR! node-gyp -v v5.1.0
gyp ERR! not ok
added 692 packages in 3.692s
radekk commented 4 years ago

This indeed seems to be issue on Mac OS only. Let's merge this PR as it shouldn't cause any issue to other platforms, it's just a few libs.

Thanks!