Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] The before date in .npmrc is not parsed as Date so every install fails #6235

Closed
1 task done
fregante opened this issue Mar 9, 2023 · 5 comments · Fixed by #6236
Closed
1 task done

[BUG] The before date in .npmrc is not parsed as Date so every install fails #6235

fregante opened this issue Mar 9, 2023 · 5 comments · Fixed by #6236
Assignees
@wraithgar
Labels
Bug thing that needs fixing Priority 1 high priority issue

Comments

@fregante
Copy link
Contributor

fregante commented Mar 9, 2023
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

As in the title, this .npmrc file will cause installs to fail because the value is passed to pacote as a string while pacote expects a Date:

before=2022-10-26

I'm opening the issue here because it can be fixed here, but it's possible this is a bug within npm-cli instead. I wasn't able to find the exact part that dealt with this conversion elsewhere.

https://github.com/npm/pacote/blob/7a560db966140db65b8f000de4d36eb36e0a7760/lib/fetcher.js#L125

❯ npm ci
npm ERR! this.before.toISOString is not a function

npm ERR! A complete log of this run can be found in:
npm ERR!     ~/.npm/_logs/2023-03-09T16_29_48_321Z-debug-0.log

Expected Behavior

A date in .npmrc should be handled the same way as a date passed as npm ci --before=2022-10-26T00:00:00.000Z

I don't know if a fix belongs here, but in my case it might be as easy as typeof before === string ? new Date(before) : before

Steps To Reproduce

npm init -y
echo 'before=2022-10-26T00:00:00.000Z' > .npmrc
npm install ky

Environment

  • npm: 9.6.0
  • Node: v18.13.0.
  • OS: macOS
  • platform:
@fregante fregante added Bug thing that needs fixing Needs Triage needs review for next steps labels Mar 9, 2023
@fregante fregante changed the title [BUG] npm ci doesn't parse the date in .npmrc as Date [BUG] The before date in .npmrc is not parsed as Date so every install fails Mar 9, 2023
@wraithgar
Copy link
Member

This is definitely an npm bug.

~/D/n/s/before $ cat .npmrc
before=2022-10-26
~/D/n/s/before $ node /Users/wraithgar/Development/npm/cli/branches/main/ config get before
2022-10-26
~/D/n/s/before $ node /Users/wraithgar/Development/npm/cli/branches/main/ config get before --before='2022-10-16'
Sat Oct 15 2022 17:00:00 GMT-0700 (Pacific Daylight Time)

@wraithgar wraithgar added Priority 1 high priority issue and removed Needs Triage needs review for next steps labels Mar 9, 2023
@wraithgar wraithgar transferred this issue from npm/pacote Mar 9, 2023
@wraithgar wraithgar self-assigned this Mar 9, 2023
@fregante
Copy link
Contributor Author

fregante commented Mar 9, 2023

Thanks! I also want to report that this is a regression. It worked in 2022 (npm v9.2.0):

npm install -g npm --before 2023
npm install ky

added 1 package, and audited 2 packages in 2s

1 package is looking for funding
  run `npm fund` for details

found 0 vulnerabilities

@wraithgar
Copy link
Member

The --before flag on the cli works fine. It's the parsing of the .npmrc file that is broken.

@fregante
Copy link
Contributor Author

fregante commented Mar 9, 2023

Yes my repro just use the flag to reset npm’s version, but the following npm install still uses the .npmrc file

@wraithgar
Copy link
Member

The underlying bug has always been there. Something between now and then is making pacote look at before when it didn't used to. Not worth tracking down why but instead the underlying bug should be fixed. It's still correct for pacote to expect an actual date object, as it always has.

~/D/n/s/before $ cat .npmrc
before=2022-10-26
~/D/n/s/before $ ./node_modules/.bin/npm config get before
2022-10-26
~/D/n/s/before $ ./node_modules/.bin/npm -v
9.2.0

@wraithgar wraithgar mentioned this issue Mar 9, 2023
Merged
@nlf nlf closed this as completed in #6236 Mar 14, 2023
@fregante fregante mentioned this issue Mar 16, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wraithgar wraithgar

Labels
Bug thing that needs fixing Priority 1 high priority issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: parse date objects from config files npm/cli
2 participants
@wraithgar @fregante