-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error downloading git repo over HTTP without a commit hash #2117
Comments
For private packages internal to our organization, publishing to an NPM repo adds unnecessary overhead. We definitely make heavy use of Git repos for long term storage. It would be great to have this fixed sooner than later, at least to return to parity with |
this is happening for me as well with version
|
Excuse me, is there any solution except of specifying dependency version? |
The error may be misleading... if you inspect the error it could be a slightly different problem:
The above output comes from here: So I set
It appears yarn is converting anything that is http to https which may not always be desired here: By yarn automatically converting http to https it causes the error for me and maybe for you too. A PR would just need to remove the auto conversion to https before it checks that the git repos exists but still check the git repos exists whether it is http or https. |
* test for https but fallback to http if necessary * add lang key for https * fix broken tests
This is still a standing issue :( I've been affected many times thus far and only now decided to look for the issue. Does anyone have any news? |
@fabiosantoscode it looks like the error is triggered here: Line 151 in 67dfc7a
It looks like it is likely executing this command (which does not fail for me when running on the command line):
You could put a trace statement here to see what actual error is being generated: Line 113 in 67dfc7a
I would just specify the hash if you can though. |
Still present in version 0.27.5 |
Specifying the hash would pin the commit forever, and in a project with a dependency in a separate repository you want it to roll forward. This failure looks like it's by design, as yarn is simply refusing to clone the repository without a hash, which is more secure but not always what one would want. The alternative, which is to specify a github tarball URL, also only works if you pin the version. Otherwise, a commit comes in, the tarball for master changes, and the hash doesn't match yarn.lock anymore and the install fails. |
any updates? |
+1 |
We also have problems with this issue. |
|
This should be fixed on 1.0+. Is anyone willing to confirm? |
I still got this error
v1.1.0 |
+1 |
FWIW, I had the same issue until I changed my password to something without |
@BYK I can confirm that this is still present in 1.2.0 (also, changing passwords didn't do anything for us) |
My colleague and I worked through this issue all day so bit hard to pinpoint exactly what fixed it but I believe the following should help. If you are on macOS Sierra, it might be a SSH agent forwarding issue, so follow the steps bellow: If you get to the end and running Then test to see if it has worked using: Now try if you get this error: follow these steps: ps. I'm using yarn version |
Still an issue with v.1.2.0 |
also happens when running |
+1 |
So I think the current behavior was intentional due to security concerns. Maybe we should understand why this is needed in the first place? |
@BorntraegerMarc it probably happens because alpine doesn't have git package as default. this might help you:
|
If you're on OSX, |
My team had a similar issue, and in our case it was caused by a colon instead of slash in the package.json. Strange thing is, that the "colon version" worked for quite a time in our codebase. Error: Ok: |
This doesn't seem to be a problem on my localhost, but when i build in a container (node:carbon) its an issue. In this case, you can copy your yarn.lock into the container and it should have the hashes for the sem-versions. |
I'm still having the issue. When cloning protected projects, git ask user to enter his username & his password:
Why yarn can't do this? Version 1.3.2 |
Adding to this... it seems that Yarn on Windows uses its own Git rather than what's in the path. Therefore, if you've configured Git to use PuTTY and its agent, you can't expect Yarn to work this way. This has thrown the error in question for me. |
We have just received the same error, and we can do git clone just fine on that repo. |
@bradisbell I didn't configured Git to use PuTTY. If you see my post, in my question, I'am using an |
I had a similar issue with a private repo over HTTPS. Instead of adding the username and password to the URL I added the username to the global
It is documented under gitcredentials. The first time it is used it will ask for the password, so by first cloning the repo and entering the password it can be saved for the future in the Keychain (not sure for other systems). Then it worked without a problem with |
Stil has no workaround but should append commit hash to url? |
I fixed it on my mac os machine by changing the node version to 8 |
I was getting such kind of problem when trying to |
Yarn version: 0.17.10
I want to report a bug.
Current behavior
An attempt to install dependency from a git repo with specified branch, fails with message:
Steps to reproduce: call
yarn
in project with package.json containing:or call command:
yarn add git+http://url.of.the.dependency/git.repo.name.git#develop
Expected behavior
Dependency specified by git url should be installed. Branch specified after
#
should be used.Command:
yarn upgrade git+http://url.of.the.dependency/git.repo.name.git#develop
Should install dependency using latest commit from a specified branch (skipping yarn cache)
Additional info
In
yarn@0.16.*
commandyarn add
worked as expected in specified scenario.The text was updated successfully, but these errors were encountered: