Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] git dependency installed with npm ci triggers error with npm prune --production #514

Closed
Cherry opened this issue Nov 22, 2019 · 4 comments · Fixed by #673
Closed

[BUG] git dependency installed with npm ci triggers error with npm prune --production #514

Cherry opened this issue Nov 22, 2019 · 4 comments · Fixed by #673

Comments

@Cherry
Copy link

Cherry commented Nov 22, 2019

When installing some git dependencies using the Docker image node:10-alpine via npm ci, attempts to npm prune --production result in an error like:

npm ERR! code 128
npm ERR! Command failed: git clone --mirror -q https://github.com/nodecraft/ampify.git /root/.npm/_cacache/tmp/git-clone-6573274f/.git
npm ERR! fatal: could not create leading directories of '/root/.npm/_cacache/tmp/git-clone-6573274f/.git'

To help replicate the issue, I have a directory that contains a package.json and package-lock.json. I then have a Dockerfile which when building, illustrates the issue.

I've created a repository at https://github.com/Cherry/npm-prune-ci-bug detailing this, including commands to run to replicate the issue.

Last known working version: 6.10.3. This issue does not occur if I use npm version 6.10.3 or earlier.
Tested versions that throw the above error:

6.11.0
6.11.1
6.11.2
6.11.3
6.12.1
6.13.1

It appears this regression was introduced in 6.11.0, and exists through to the latest version.

If I can provide any further information, please let me know.
Cherry added a commit to Cherry/npm-prune-ci-bug that referenced this issue Nov 22, 2019
@Cherry
chore: add npm/cli issue link
bf9d798 
npm/cli#514
@sdanieru
Copy link

sdanieru commented Dec 4, 2019

This was a breaking change for our builds when we bumped node:10.16 to node:10.17 (since that bumps npm 6.9.0 to 6.11.3)
Thanks @Cherry for writing this up!

@Cherry
Copy link
Author

Cherry commented Dec 12, 2019

Is there any update or resolution to this issue? With the recent security advisory to update to 6.13.4, this issue is preventing us from ensuring our team and their systems are safe.

@doochik doochik mentioned this issue Dec 23, 2019
Closed
@isaacs
Copy link
Contributor

isaacs commented Dec 30, 2019

Looks like a duplicate of #624.

@Cherry
Copy link
Author

Cherry commented Dec 30, 2019

Seems like it, yes. This was created before #624 but that issue has more discussion. I'll go ahead and close this issue and leave the discussion there.

@Cherry Cherry closed this as completed Dec 30, 2019
isaacs added a commit to npm/pacote that referenced this issue Dec 30, 2019
@isaacs
fix(git): Do not drop uid/gid when executing in root-owned directory
d2f4176 
Fix: npm/cli#624
Fix: npm/cli#642
Fix: npm/cli#514

Infer the ownership of a git command invocation based on the cwd, if one is
specified.
@ruyadorno ruyadorno mentioned this issue Jan 9, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Release 6.13.6 npm/cli
4 participants
@isaacs @Cherry @sdanieru and others