Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Specifying hash in the package json is not working #3109

Open
alansouzati opened this issue Apr 11, 2017 · 5 comments
Open

Specifying hash in the package json is not working #3109

alansouzati opened this issue Apr 11, 2017 · 5 comments
Labels
cat-bug good first issue help wanted high-priority triaged

Comments

@alansouzati
Copy link

Do you want to request a feature or report a bug?

Report a bug

What is the current behavior?

I have a stable branch in my project that gets updated every time the CI build passes.
Eventually we want to be able to use that branch in our package.json, but I'm facing yarn issues with bad hash. See this other related issue: #1916.

So to try and fix the hash issue we decided to specify the commit hash in the package.json itself, but yarn seems to be ignoring that entry.

If the current behavior is a bug, please provide the steps to reproduce.

Here is our package.json entry:

{
   ...
   "dependencies": {
      "grommet": "https://github.com/grommet/grommet/tarball/stable#85a1b40e4616fe54e4e13fdd9350128d1f0508e6",
   }
}

Here is the yarn.lock section:

"grommet@https://github.com/grommet/grommet/tarball/stable#85a1b40e4616fe54e4e13fdd9350128d1f0508e6":
  version "1.3.4"
  resolved "https://github.com/grommet/grommet/tarball/stable#2e18b1cba634cd1cfda9a3d601ae74fe77eacee1"

What is the expected behavior?

You can see that the yarn.lock resolved to latest hash in my stable branch, where I was expecting it to resolve to the hash that I've specified.

Please mention your node.js, yarn and operating system version.

Node: v7.3.0
NPM: 3.10.10
Yarn: 0.21.3
@alansouzati
Copy link
Author

Also, if I delete my yarn.lock file and try yarn install again, I keep getting the bad hash problem.

@alansouzati
Copy link
Author

alansouzati commented Apr 11, 2017
edited
Loading

If I update my package.json to the following, it works locally, but fails in the CI with a log "Couldn't find the binary git". This seems related to #2083.

{
   ...
   "dependencies": {
      "grommet": "https://github.com/grommet/grommet.git#85a1b40e4616fe54e4e13fdd9350128d1f0508e6",
   }
}

@WoodyWoodsta WoodyWoodsta mentioned this issue Apr 22, 2017
Closed
@chaitan94
Copy link

Seems to work as expected if we use git://github.com/grommet/grommet.git#85a1b40e4616fe54e4e13fdd9350128d1f0508e6 instead of https://github.com/grommet/grommet/tarball/stable#85a1b40e4616fe54e4e13fdd9350128d1f0508e6

Does that help?

@nkayurov-newforma
Copy link

It should work the same regardless of the protocol: git, git+https or https. We observe the same issue in our repository and we cannot use git protocol.

@mcclure
Copy link

mcclure commented Oct 27, 2020

One reason you might prefer to use https:// rather than git:// urls in this situation is that git:// URLs only work with github if you are on a machine with valid github SSH keys. Github allows anonymous access but only through https:// . Please correct me if I am wrong.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
cat-bug good first issue help wanted high-priority triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@BYK @mcclure @alansouzati @bestander @chaitan94 @nkayurov-newforma