Closed jurcyk closed 2 years ago
naugtur
commented
2 years ago Looks like something changed in your container image and it wasn't just node version
Try installing as dev dependency and running from npm script.
I won't help you beyond that
jurcyk
commented
2 years ago This is not my container, this is the official docker node container https://hub.docker.com/_/node
jurcyk
commented
2 years ago Same issue happens without container
root@d236741f5fcf:/app# npm --version
8.1.2
root@d236741f5fcf:/app# node --version
v16.13.2
root@d236741f5fcf:/app# npx -p npm-audit-resolver@3.0.0-6 check-audit --json
sh: 1: check-audit: Permission deniedWorks on older version
root@99fc30788132:/app# npm --version
6.14.15
root@99fc30788132:/app# node --version
v14.18.2
root@99fc30788132:/app# npx -p npm-audit-resolver@2.3.1 check-audit --json
npx: installed 59 in 2.514s
{
"issues": [],
"actions": [],
"advisories": {},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 0,
"high": 0,
"critical": 0
},
"dependencies": 287,
"devDependencies": 281,
"optionalDependencies": 60,
"totalDependencies": 627
}
}It is not a problem with audit-resolver. it says "sh:" before the error.
you don't have exec permissions to npm's bin folder. it's a system config problem.
jurcyk
commented
2 years ago This is caused by running as root in node16
Adding a user parameter to the command fixes the issue
docker run --rm -it --user node --workdir /app -v $(PWD):/app node:16.13.2-bullseye npx -y -p npm-audit-resolver@3.0.0-6 check-audit --json
Great for CI/CD environments that only have docker installed and not nodejs
If you have docker installed you can run this command inside your package folder
Command
docker run --rm --workdir /app -v ${PWD}:/app -it node:16.13.2-bullseye npx -y -p npm-audit-resolver@3.0.0-6 check-audit --jsonBad Result
sh: 1: check-audit: Permission deniedWorking command (Older Versions)
docker run --rm --workdir /app -v ${PWD}:/app -it node:14.18.2-bullseye npx -p npm-audit-resolver@2.3.1 check-audit --jsonGood Result