Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Loading upstream tarball doesn't respect package.proxy array

See original GitHub issue

Describe the bug

Having multiple uplinks point to the same registry, the package.proxy array gets ignored. Instead we’ll walk through the uplinks and select the last one in the list that can serve the URL we’ve found for our upstream tarball.

To Reproduce

storage: ./storage

uplinks:
  cachednpm:
    url: https://registry.npmjs.org/
    cache: true
  npmjs:
    url: https://registry.npmjs.org/
    cache: false

packages:
  '**':
    access: $all
    publish:
    proxy: cachednpm

Run with above config (listening on localhost)
Try requesting http://localhost:4873/@verdaccio/streams/-/streams-8.5.2.tgz
Notice that ./storage/@verdaccio/streams/streams-8.5.2.tgz does not exist

The uplink chosen here was npmjs, not cachednpm.

Expected behavior

Making the upstream request should respect the packages.proxy array. In this example, selecting cachednpm for it’s uplink, causing it to cache the tarball.

Environment information

Verdaccio version: 4.4.1
System:
    OS: Linux 5.0 Ubuntu 18.04.3 LTS (Bionic Beaver)
Binaries:
    Node: 12.13.1 - /usr/local/bin/node
    Yarn: 1.21.1 - /usr/local/bin/yarn
    npm: 6.13.4 - /usr/local/bin/npm

Additional context

I believe the culprit here is:

https://github.com/verdaccio/verdaccio/blob/32aabca6412afdd19a2603205d661f00a667088f/src/lib/storage.ts#L207-L211

The isUplinkValid check will be true for both uplinks. So the last one in the array will be selected. Perhaps it should be using hasProxyTo from src/lib/config-utils.ts?

Issue Analytics

State:
Created 4 years ago
Comments:12 (10 by maintainers)

Top GitHub Comments

2reactions

Beanowcommented, Jan 5, 2020

-        if (self.uplinks[uplinkId].isUplinkValid(file.url)) {
+        if (hasProxyTo(name, uplinkId, self.config.packages)) {

This change works for me. Though should probably add a unit test to prove.

0reactions

lock[bot]commented, Apr 15, 2020

🤖This thread has been automatically locked 🔒 since there has not been any recent activity after it was closed. We lock tickets after 90 days with the idea to encourage you to open a ticket with new fresh data and to provide you better feedback 🤝and better visibility 👀. If you consider, you can attach this ticket 📨 to the new one as a reference for better context. Thanks for being a part of the Verdaccio community! 💘

Top Results From Across the Web

Duo Authentication Proxy Reference - Duo Security

Open the Proxy Manager To launch the Proxy Manager utility: Open the Start Menu and go to Duo Security. Click the Duo Authentication...

Bug listing with status RESOLVED with resolution UPSTREAM ...

status:RESOLVED resolution:UPSTREAM severity:normal ... Bug:31398 - "mozilla-1.5 fails to compile accessproxy when merge with mozaccess" status:RESOLVED ...

Dependency Scanning - GitLab Docs

Supported languages and package managers ; Go, All versions, Go ; Java, 8, 11, 13, 14, 15, 16, or 17, Gradle ; Java,...

Can't install anything with npm ECONNRESET without proxy

Can anyone please help me? EDIT: Tried to downgrade to node 0.10 an run cmd as administrator, but it still doesn't work: C:\ ......

Pyodide - Read the Docs

Pyodide makes it possible to install and run Python packages in the ... If the server doesn't set CORS headers, you can use...