zkat / ssri

Standard Subresource Integrity library for Node.js

timestamps before 1980 #11

Closed andrewkslv closed 6 years ago

andrewkslv commented 6 years ago

ZIP does not support timestamps before 1980. It's the case of plenty of issues. For instance, it's already happened here: https://github.com/mishoo/UglifyJS2/issues/2054

$ ll ./node_modules/ssri

total 96
-rw-r--r--  1 watashi  staff   7.4K Jan  1  1970 CHANGELOG.md
-rw-r--r--  1 watashi  staff   755B Jan  1  1970 LICENSE.md
-rw-r--r--  1 watashi  staff    18K Jan  1  1970 README.md
-rw-r--r--  1 watashi  staff    10K Jan  1  1970 index.js
-rw-r--r--  1 watashi  staff   1.4K Jan  1  1970 package.json

luke-robertson commented 6 years ago

Same issue here

I think this needs uglify updating

zkat commented 6 years ago

This is not an issue with ssri. And npm's next release is setting the tarball dates to a post-1980 date so you can still get reproducible builds.

Seeing as it's not an ssri issue, I'm closing this.