twuni / asdf-yarn

asdf plugin for Yarn.
MIT License

Yarn 1.22.11: ERROR: cannot verify classic.yarnpkg.com's certificate, issued by ‘CN=R3,O=Let's Encrypt,C=US’ #22

Closed walter-weinmann closed 2 years ago

walter-weinmann commented 3 years ago

--2021-08-12 02:16:12--  https://classic.yarnpkg.com/downloads/1.22.11/yarn-v1.22.11.tar.gz
Resolving classic.yarnpkg.com (classic.yarnpkg.com)... 167.99.242.112, 46.101.121.244, 2a03:b0c0:3:d0::1440:1, ...
Connecting to classic.yarnpkg.com (classic.yarnpkg.com)|167.99.242.112|:443... connected.
ERROR: cannot verify classic.yarnpkg.com's certificate, issued by ‘CN=R3,O=Let's Encrypt,C=US’:
  Unable to locally verify the issuer's authority.
To connect to classic.yarnpkg.com insecurely, use `--no-check-certificate'.

msimonborg commented 2 years ago

I'm having this issue as well. Trying to install latest Yarn with asdf v.0.9.0 on macOS 10.15.7. I have been able to install multiple Elixir, Erlang, NodeJS, and Ruby packages with asdf but having an issue with Yarn. I had to install Yarn with npm. I have been able to add the Yarn asdf plugin but get this result when trying to install:

$ asdf install yarn latest
--2022-01-07 16:55:15--  https://classic.yarnpkg.com/downloads/1.22.17/yarn-v1.22.17.tar.gz
Resolving classic.yarnpkg.com... 2600:1f18:2489:8200:a007:6646:1f31:908c, 2604:a880:400:d0::1bdf:e001, 161.35.60.200, ...
Connecting to classic.yarnpkg.com|2600:1f18:2489:8200:a007:6646:1f31:908c|:443... connected.
ERROR: cannot verify classic.yarnpkg.com's certificate, issued by ‘CN=R3,O=Let's Encrypt,C=US’:
  Issued certificate has expired.
To connect to classic.yarnpkg.com insecurely, use `--no-check-certificate'.

Running asdf install yarn latest --no-check-certificate gives me the same return.

Here are the outputs of some of my asdf environment commands:

$ asdf --version
v0.9.0

$ asdf list
elixir
  1.13.1
  1.8.0-otp-21
  1.8.1-otp-21
  1.8.2
erlang
  21.3.8.24
  23.3.4.4
  24.1
nodejs
  17.3.0
ruby
  3.0.3
  3.1.0
yarn
  No versions installed

$ asdf current
elixir          1.13.1          /Users/*/.tool-versions
erlang          24.1            /Users/*/.tool-versions
nodejs          17.3.0          /Users/*/.tool-versions
ruby            3.1.0           ASDF_RUBY_VERSION environment variable
yarn            ______          No version is set. Run "asdf <global|shell|local> yarn <version>"

The part confusing me most is that although I have successfully installed yarn through npm:

$ yarn --version
1.22.17

and I can run Yarn commands, when I try to set the version with asdf it fails:

$ asdf global yarn 1.22.17
version 1.22.17 is not installed for yarn

I get this result when I run which:

$ which yarn
/Users/*/.asdf/shims/yarn

I checked in the shims directory and there is indeed a Yarn binary there. Any ideas?

canterberry commented 2 years ago

Let's Encrypt famously had an expiring root CA certificate recently. When there's a change in root CAs like that, there are a few factors involved in order for things to keep operating smoothly:

  1. The proprietors of the new root CAs (that's Let's Encrypt!) need to have their CA certificates incorporated into the various sets of trust anchors (CA certificates) included in various OS distributions.

  2. Users (that's us!) need to update our copies of those trust anchors (CA certificates) to be up-to-date with the one that has the shiny new CA(s).

  3. Website operators (that's Yarn!) need to update their certificates to be signed by the shiny new CA. This happens organically as the old certificates expire and get replaced.

The most likely culprit here is (2). Make sure you've got the latest CA certificates in your system trust store.

I'm not sure if this matters or not, but I've never tried using latest as the version. I wonder if this issue occurs only when trying to use that, as opposed to 1.22.17.

msimonborg commented 2 years ago

Thanks for the information! I was able to fix this issue but through a different route. After a brew upgrade I was updated to openssl@3 and my openssl symlinks were changed, and subsequent tries of asdf install yarn latest gave me a different error:

dyld: Library not loaded: /usr/local/opt/openssl/lib/libssl.1.0.0.dylib
  Referenced from: /usr/local/bin/wget
  Reason: image not found

This Stack Overflow question did the trick for me and I can now install and switch between all versions of Yarn with asdf.

NB: asdf install plug-in latest has worked for me with every plug in (and is working now with Yarn), and the original issue I was having was the same whether I ran that command or asdf install yarn 1.22.17

canterberry commented 2 years ago

Yikes! Downgrading OpenSSL to a deprecated version is dangerous and I would definitely not recommend that. Even if it technically fixes the problem right now, it makes your system susceptible to current and future security vulnerabilities that the openssl team has not committed to support in backporting/patching.

https://www.openssl.org/source/

It seems like the problem is wget which is used by this plugin by default, and which also needs to be updated after a major-version upgrade to openssl. With Homebrew managing some system-level packages and macOS managing others, things can get really wonky in particular after OS upgrades.

If you didn't install wget via Homebrew, I'd recommend upgrading openssl back to the latest supported version (v3) then brew install wget, which should, in theory, get you into a healthy state where you're up-to-date and asdf plugins like this one which use wget are also working.

msimonborg commented 2 years ago

This did it for me! I appreciate your advice. The following chain of commands now has me smoothly installing yarn with openssl@3:

brew reinstall openssl@3
ln -sfn /usr/local/Cellar/openssl@3/3.0.1 /usr/local/opt/openssl
brew install wget
asdf install yarn [latest|1.22.17]

Much obliged, cheers!

PixelTom commented 2 years ago

Just sneaking in here to say that this also helped me with yarn 1.22.19. Thank you @msimonborg

thewoolleyman commented 1 year ago

None of the above worked for me.

I just ended up hacking ~/.asdf/plugins/yarn/bin/install to add a --no-check-certificate to all the wget commands and comment out the ... gpg --verify ... line.

That got yarn installed and I could move on with my life...

nick-f commented 1 year ago

I was seeing the same issue today but the other suggestions didn't work for me.

For some reason (that I've not worked out) the ca-certificates symlinks were broken in my brew install.

brew doctor kind of hinted at this:

$ brew doctor

Warning: Broken symlinks were found. Remove them with `brew cleanup`:
  /usr/local/etc/gnutls/cert.pem
  /usr/local/etc/openssl@1.1/cert.pem
  /usr/local/etc/openssl@3/cert.pem

brew reinstall ca-certificates then re-running the asdf install command worked for me. No changes to the plugin's code were required to get it working again so conflicts won't happen when the plugin is updated in the future. 🚀
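
A local check for the trust-store failures discussed in this thread (stale or missing CA bundle, broken cert.pem symlinks), which finds the broken piece while certificate and signature verification stay enabled. This is an added example, not code from the thread or from the asdf-yarn plugin; the function names are hypothetical, and the paths in the usage comment are the ones from the brew doctor output above.

```shell
#!/bin/sh
# Added example (not part of asdf-yarn). Classifies CA bundle paths so a
# "cannot verify ... certificate" error can be traced to the local trust store.
# Usage: sh check_ca.sh /usr/local/etc/openssl@3/cert.pem \
#            /usr/local/etc/openssl@1.1/cert.pem /usr/local/etc/gnutls/cert.pem

# Print one status word for a single bundle path.
ca_bundle_status() {
    path=$1
    if [ -L "$path" ] && [ ! -e "$path" ]; then
        echo "broken-symlink"      # link exists, target does not
    elif [ ! -e "$path" ]; then
        echo "missing"
    elif [ ! -r "$path" ]; then
        echo "unreadable"
    elif ! grep -q -- '-----BEGIN CERTIFICATE-----' "$path"; then
        echo "no-certificates"     # file present but holds no PEM certificate
    else
        echo "ok"
    fi
}

# Print how many PEM certificates a bundle contains.
ca_bundle_count() {
    grep -c -- '-----BEGIN CERTIFICATE-----' "$1" 2>/dev/null || true
}

# Report every path given; succeed only if all bundles are usable.
check_ca_bundles() {
    bad=0
    for p in "$@"; do
        s=$(ca_bundle_status "$p")
        case $s in
            ok) printf '%-16s %s (%s certs)\n' "$s" "$p" "$(ca_bundle_count "$p")" ;;
            *)  printf '%-16s %s\n' "$s" "$p"
                bad=$((bad + 1)) ;;
        esac
    done
    [ "$bad" -eq 0 ]
}

# Run only when paths are passed on the command line.
[ "$#" -eq 0 ] || check_ca_bundles "$@"
```

A bundle reported as ok can still be out of date; that case is the one the brew reinstall ca-certificates step above addresses.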