Closed fb33 closed 4 years ago
sschuberth
commented
4 years ago Yes, private package registries are generally supported, but this seems to be more of a proxy / configuration issue.
Do you have the http(s)_proxy environment variables set by any chance? The analyzer should respect these, and if no port is set for the proxy, we set a default port of 8080.
sschuberth
commented
4 years ago Also, how do your proxy-related settings in .npmrc look like?
fb33
commented
4 years ago I'm on windows, I use Git Bash to run ORT. It was a good idea, but I check my .bashrc, I've no proxy defined. Here is the log info at the beginning of the analyze :
________ _____________________
\_____ \\______ \__ ___/ the OSS Review Toolkit, version 0.1.0-beta.0.4415+9f5da49.
/ | \| _/ | | Running 'analyze' on Java 11.0.3 and Windows 10 with
/ | \ | \ | | OS = Windows_NT
\_______ /____|_ / |____| COMSPEC = C:\windows\system32\cmd.exe
\/ \/
More environment variables:
SHELL = C:\Program Files\Git\usr\bin\bash.exe
TERM = xterm
JAVA_HOME = C:\tools\java\jdk-11.0.3And my .npmrc looks like this :
registry=http://my.artifactory.com/artifactory/api/npm/npm-virtual
fb33
commented
4 years ago and the package-lock contains this kind of dependencies :
"dependencies": {
"abbrev": {
"version": "1.0.9",
"resolved": "http://my.artifactory.com:80/artifactory/api/npm/npm-virtual/abbrev/-/abbrev-1.0.9.tgz",
"integrity": "sha1-kbR5JYinc4wl813W9jdSovh3YTU=",
"dev": true
},
...
mnonnenmacher
commented
4 years ago @fb33 Can you run ORT with the --stacktrace flag enabled and post the stacktrace here? This should help to narrow down the issue.
sschuberth
commented
4 years ago @mnonnenmacher I already have a hunch what the problem is, and I'm testing something locally.
fb33
commented
4 years ago Here's the trace
Analyzing project path:
C:\workspace\POCs\MOB_ORT\mime-types
java.net.ConnectException: Failed to connect to /172.X.Y.Z:8080
at okhttp3.internal.connection.RealConnection.connectSocket(RealConnection.kt:270)
at okhttp3.internal.connection.RealConnection.connectTunnel(RealConnection.kt:234)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:170)
at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:236)
at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:109)
at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:77)
at okhttp3.internal.connection.Transmitter.newExchange$okhttp(Transmitter.kt:162)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:35)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:112)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:87)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:82)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:112)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:87)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:84)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:112)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:71)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:112)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:87)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.kt:184)
at okhttp3.RealCall.execute(RealCall.kt:66)
at com.here.ort.utils.OkHttpClientHelper.execute(OkHttpClientHelper.kt:131)
at com.here.ort.analyzer.managers.Npm.parseInstalledModules(Npm.kt:248)
at com.here.ort.analyzer.managers.Npm.resolveDependencies(Npm.kt:119)
at com.here.ort.analyzer.PackageManager.resolveDependencies(PackageManager.kt:213)
at com.here.ort.analyzer.Analyzer$analyzeInParallel$$inlined$use$lambda$1$1$1.invokeSuspend(Analyzer.kt:143)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:56)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.net.ConnectException: Connection refused: connect
at java.base/java.net.PlainSocketImpl.waitForConnect(Native Method)
at java.base/java.net.PlainSocketImpl.socketConnect(PlainSocketImpl.java:107)
at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242)
at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:403)
at java.base/java.net.Socket.connect(Socket.java:591)
at okhttp3.internal.platform.Platform.connectSocket(Platform.kt:127)
at okhttp3.internal.connection.RealConnection.connectSocket(RealConnection.kt:268)
... 29 more
10:43:37.869 [analyzer-1] ERROR com.here.ort.analyzer.PackageManager - Resolving dependencies for 'package.json' failed with: Failed to connect to /172.X.Y.Z:8080
I've found the problem already and will propose a fix soon, thanks for reporting @fb33!
sschuberth
commented
4 years ago @fb33, if you're willing to build ORT from source yourself, could you maybe confirm that https://github.com/heremaps/oss-review-toolkit/pull/2062 fixes you issue?
fb33
commented
4 years ago I ve checkout branch "npmrc-proxy" and it works ! thanks for your reactivity
Hi,
We use artifactory for our private npm repo and to proxify registry.npmjs.org.
Analyzer execution report this error :
ERROR com.here.ort.analyzer.PackageManager - Resolving dependencies for 'package.json' failed with: Failed to connect to /<arti.fact.ory.ip>:8080The problem is that 8080 port is not accessible (and not reference anywhere in project files or npmrc !?) Our package-lock contains urls like : http://my.artificatory.com:80/artifactory/api/npm/npm-virtual/xxxxxDid I miss a configuration somewhere ? Does the private repo use-case is well implemented in ORT ?
Regards