Closed DaniRvd closed 2 years ago
A $20 bounty has been put on this issue over at bountyhunt.io.
Top contributors:
bountyhunt.io is an open source service that allows people to put bounties on issues, and allows bountyhunters to claim those bounties.
In a way, we're helping people get paid for the open source work they do, and for people to live off of open source development.
Additionally, we help bring attention to the issues that matter most in the open source community.
This comment will only appear once ever, and will be modified if new bounties arrive, to reduce spam.
what node version? i think you should update node
Please uninstall sinon and install it again with new repository, like so: bower install --save-dev sinonjs/sinon
Hi, I am getting "CERT_HAS_EXPIRED Request to https://registry.bower.io/packages/angular-aria failed: certificate has expired". while doing bower install. Please suggest what could be the reason of it.
@chhn03 I see that the Bower certificate was renewed on Monday, 24 April 2023 at 03:43:54
. bower install
works on my machine, but Bitbucket pipelines (dockerized) is failing with the same CERT_HAS_EXPIRED
error. Still trying to figure out why the certificate isn't renewed automatically there...
@ChristiaanScheermeijer could you check if it still works on your machine after clearing the cache bower cache clean
?
Similar issue is open in the bower/registry
repository:
https://github.com/bower/registry/issues/304
Yes, it still works after that:
$ bower cache clean
bower deleted Cached package angular-bootstrap: /Users/christiaanscheermeijer/.cache/bower/packages/060f2023684d502403f2380d2be22dba/1.3.2
bower deleted Cached package angular: /Users/christiaanscheermeijer/.cache/bower/packages/060a9fe0e60a0d3d6c9ed350cde03e61/1.5.8
bower deleted Cached package angular: /Users/christiaanscheermeijer/.cache/bower/packages/060a9fe0e60a0d3d6c9ed350cde03e61/1.2.32
...
$ bower install
bower angular-cookies#1.5.8 not-cached https://github.com/angular/bower-angular-cookies.git#1.5.8
bower angular-cookies#1.5.8 resolve https://github.com/angular/bower-angular-cookies.git#1.5.8
bower angular-mocks#1.5.8 not-cached https://github.com/angular/bower-angular-mocks.git#1.5.8
bower angular-mocks#1.5.8 resolve https://github.com/angular/bower-angular-mocks.git#1.5.8
bower angular-gettext#~0.2.4 not-cached https://github.com/rubenv/angular-gettext.git#~0.2.4
bower angular-gettext#~0.2.4 resolve https://github.com/rubenv/angular-gettext.git#~0.2.4
...
@ChristiaanScheermeijer Did you delete the bower_components
folder before executing these commands? :thinking:
Yes, well, I renamed the folder because I was scared of losing the files 😅
@ChristiaanScheermeijer okay, strange, last idea, could you show what settings you have in the .bowerrc
file? :thinking:
Sure, here it is:
{
"directory": "app/bower_components"
}
When I added SSL disabling configuration "strict-ssl": false
to .bowerrc file, everything fetched fine
idk, something is wrong with the certificate :roll_eyes:
Edited: (I don't recommend this solution as production solution, disabling SSL can be dangerous, I did this just to check if the problem is with SSL)
Thanks @mchrapek , that worked for me!
@mchrapek any solution for this, except disabling SSL?
Hello Guys, any solution for this?
I Had the same on CircleCI:
bower invalid-meta for:/root/project/watson2/bower.json bower invalid-meta The "name" is recommended to be lowercase, can contain digits, dots, dashes bower CERT_HAS_EXPIRED Request to https://registry.bower.io/packages/angular-media-queries failed: certificate has expired
Exited with code exit status 1 CircleCI received exit code 1
In my Steps I run:
steps:
I did this in a hurry and certainly don't recommend doing this, but if you really need to deploy;
bower_components
folder from the .gitignore
filebower install
step in your CI definitionsbower_components
folder and the changes from aboveI will revert this change when all certificate issues are resolved.
Hello Guys,
The same problem here. It worked only by disabling "strict-ssl": false in .bowerrc file but it doesn't a good idea. Waiting for a better solution :(
I'm having the same problem as well; is there any news on when the cert will be fixed?
Adding SSL disabling configuration to .bowerrc file works for me.
{
"directory": "bower_components",
"registry": "https://registry.bower.io",
"strict-ssl": false
}
We brought it back to work by prefixing the following env-variable: NODE_OPTIONS=--use-openssl-ca
NODE_OPTIONS=--use-openssl-ca bower install
As to refer to https://github.com/bower/registry/issues/304#issuecomment-1520524290
TL;DR Upgrading the ancient version of node from v5.12 to the latest stable v18.16 seems to solve the issue for me (yikes this is an old project).
The older version of node was not recognizing the environment variable NODE_OPTIONS=--use-openssl-ca
for me unfortunately – even though the system itself didn't have any issues recognizing the certs from registry.bower.io (ie: `curl, wget worked fine on the system). Bower on the hand didn't like it, and that's because of the node version. For me and my team – it's just easier to upgrade the project node version, and packages, and we're more secure for it too.
got similar issue: went with suggestions above but in the following order: step 1 { "strict-ssl": false } step 2: bower .... step 3: updated this back again to: { "strict-ssl": true } step 4: bower (tested this a couple of times - it worked )
@cabexius I suspect bower is getting those packages from cache, and are the http packages. Run a bower cache clean and see if install works still.
yup, that was nasty. certs looks all good too for registry.bower.io
I'm curious. What are peoples reason for using Bower instead of NPM in 2023? Genuinely curious.
I am working with a design system that has become vital to an enterprise that uses bower with no easy upgrade path to non bower version. (Pattern Lab)
bower install
works for newer versions of node.
Only bower install
command I execute on the newer node (for example 12), and the rest of the commands for building the project I execute on the version I need.
It worked for us.
I'm curious. What are peoples reason for using Bower instead of NPM in 2023? Genuinely curious.
@ffMathy legacy app, it's being migrated to a new system. I gave the devs grief for not keeping these dependencies up to date though. ;)
I found a workaround that was installing the bower with node 12, without changing my current version of node, running
npx -p node@12 bower install
.
Hope it helps!
We're in a position where we can't upgrade the application for various reasons, but instead of turning off ssl in .bowerrc
using "strict-ssl": false
we managed to solve it by pointing the registry to what I have now been told is a deprecated alternate mirror (thanks @wsergent) understand is the "new default" (someone please correct me here if I'm wrong, I read it somewhere but can't remember where).
{
"directory": "bower_components",
"registry": "https://bower.herokuapp.com",
}
Solution provided by @stormonster worked for me. Thank you!
Hi,
Adding SSL disabling configuration to .bowerrc file works for me. It was not necessary add directory, in my project it is otherwise.
{ "registry": "https://registry.bower.io", "strict-ssl": false }
Adding SSL disabling configuration to .bowerrc file works for me.
This really should be the very last resort, so I hope you've tried all other potential solutions first, like the one I posted or the one @Fabiana19 mentioned. Disabling SSL is like driving blind folded and trusting everyone else on the road make sure you don't end up in an accident.
Hi,
Thank you, I will test your solution.
I did it the way my friend went to release the Deploy.
We're in a position where we can't upgrade the application for various reasons, but instead of turning off ssl in
.bowerrc
using"strict-ssl": false
we managed to solve it by pointing the registry to what I understand is the "new default" (someone please correct me here if I'm wrong, I read it somewhere but can't remember where).{ "directory": "bower_components", "registry": "https://bower.herokuapp.com", }
Thank you for this solution, this worked for us for now, but I would treat it only as a temporary workaround (though better than disabling SSL). According to this tweet from 2017, bower.herokuapp.com was deprecated in favour of registry.bower.io - so I think you have your 'new default' understanding backwards.
Either way, it worked for now!
I'm curious. What are peoples reason for using Bower instead of NPM in 2023? Genuinely curious.
Maintaining old systems, we're on our way to getting rid of bower already.
I'm curious. What are peoples reason for using Bower instead of NPM in 2023? Genuinely curious.
not everyone has a big team and time to update :)
look mate, not bashing, some of us guys might be untouched with reality, and stuck in time, we all or should have taken point to migrate. yes we heard it all, let's just help the community to answer their needs for help. and yes to need to update. yes to the need to migrate.
look mate, not bashing, some of us guys might be untouched with reality, and stuck in time, we all or should have taken point to migrate. yes we heard it all, let's just help the community to answer their needs for help. and yes to need to update. yes to the need to migrate.
Yes, but not every system can be updated in a easy way, some companies strugle with daily problems and need to solv them to survive, int the ideal world the migration is easy and fast, but in reality the variables are greater.
Output of
bower -v && npm -v && node -v
: C:\Users\daniel.ruse@cegeka.com\source\repos\Portals\CustomerAppNew> bower update sinon bower sinon# not-cached http://sinonjs.org/releases/sinon-1.17.6.0.js# bower sinon# resolve http://sinonjs.org/releases/sinon-1.17.6.0.js# bower sinon# download http://sinonjs.org/releases/sinon-1.17.6.0.js bower sinon#^11.1.2 cached https://github.com/cjohansen/Sinon.JS.git#11.1.2 bower sinon#^11.1.2 validate 11.1.2 against https://github.com/cjohansen/Sinon.JS.git#^11.1.2 bower sinon# CERT_HAS_EXPIRED certificate has expiredAdditional environment details (proxy, private registry, etc.):
Steps to reproduce the issue:
Go to 'cmd' paste 'bower update sinon ' Run See error CERT_HAS_EXPIRED Expected behavior Sinon update should be made without any error Describe the results you received:
Describe the results you expected: Sinon update should be made without any error
Additional information: