Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to work around broken dependencies (colors.js) #781

Closed
RPGillespie6 opened this issue Jan 9, 2022 · 11 comments
Closed

How to work around broken dependencies (colors.js) #781

RPGillespie6 opened this issue Jan 9, 2022 · 11 comments

Comments

@RPGillespie6
Copy link

http-server won't launch because of Marak/colors.js#285

I tried downloading older versions of http-server but the issue persists.

How do I work around this? My pipeline is broken. Please consider locking in specific known-working versioned dependencies in package.json instead of just grabbing the latest which may pull in broken/malicious/woke/protest dependencies.

@DanielRuf
Copy link

You can use resolutions or patch-package to "fix" this as described at Marak/colors.js#285 (comment).

@thornjad
Copy link
Member

Ah crap, not this again. At least this time colors isn't as integral to http-server as when ecstatic did this. Give me a little time to catch up this latest drama and I'll accept one of the two PRs for this.

@nlucero
Copy link

nlucero commented Jan 10, 2022

@thornjad Thanks for the fast response. Do we have an ETA on when will a fix be merged?

@thornjad
Copy link
Member

Barring any hiccups, I'll merge and release a fix today. I'll also try to backport the fix to the v13 line because I know there are some unrelated issues with the v14 release for some folks.

@thornjad thornjad pinned this issue Jan 10, 2022
@thornjad thornjad changed the title How to work around broken dependencies How to work around broken dependencies (colors.js) Jan 10, 2022
@thornjad
Copy link
Member

Merged #785, just going to see what the tests do (I know Node 17 has some problems) before tagging a release. I'll backport to v13 later today.

@DanielRuf
Copy link

@thornjad Node 17 and and other Node release with an odd major version number is not recommended in general as these are no LTS releases but short living test branches.

@thornjad
Copy link
Member

thornjad commented Jan 10, 2022

That's why I haven't put it on a high priority, but I'd prefer to support it. They are more than just test branches, while not LTS, it is a proper full release, and provide a view of what the next LTS will contain. But its especially frustrating that it works fine in every local environment I've put it in, but gh-actions fails consistently.

@thornjad
Copy link
Member

🎉 Published to npm! Check for versions v14.1.0 or v13.1.0

@NicholasBoll
Copy link

I see the 14.1.0 Github release, but npm doesn't seem to have it yet :(

@thornjad
Copy link
Member

npm has a lot of caching in place to deal with the enormity of the traffic it serves, so it might take a while, maybe even a few hours, to show up for everyone. I've verified it did publish though, so its just a matter of time!

@NicholasBoll
Copy link

I see it now. Thanks. I figured npm was behind with caching. After an hour I got a little worried.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
5 participants