EINVRES Request to https://bower.herokuapp.com/packages/ failed with 502 - javascript

Bower install fails with 502 - Bad Gateway when downloading bower packages.
For example bower install for ember library gives following response in command line.
EINVRES Request to https://bower.herokuapp.com/packages/ember failed
with 502
When http://bower.herokuapp.com/ is accessed directly from URL it gives the following message.
This Bower version is deprecated. Please update it: npm install -g
bower. The new registry address is https://registry.bower.io

Bower is deprecating their registry hosted with Heroku. http://bower.herokuapp.com/ Will not be accessible anymore or it might be down intermittently, therefore, forcing users to a new registry.
Users working on old bower versions can update the .bowerrc file with the following data.
{
"registry": "https://registry.bower.io"
}
.bowerrc file can be located at the same folder where bower.json and bower_components folder is located. If it is not present already, you can make one.
For references check the below links
https://twitter.com/bower/status/918073147789889536
https://gist.github.com/sheerun/c04d856a7a368bad2896ff0c4958cb00

Simplest solution is to just upgrade bower to latest version
If installed via NPM:
npm i -g bower

When using asp.net core then should change something like this. bowerrc.json you can find inside project folder.
{
"registry": "https://registry.bower.io",
"directory": "wwwroot/lib"
}

If you use windows to install npm, You must run "Node.js command prompt" with administrator and run this command: npm i -g bower.
I tried and worked :)

echo '{"registry": "https://components.bower.io","directory": "wwwroot/lib"}' > .bowerrc

Related

Running node app without node_modules folder

My professor wants us to submit our project for our node.js app but we are not allowed to include node_modules in the submission.
When I try to run the app without the folder in there, it crashes due to missing dependencies.
Am i missing a step?
Presumably either
you're not supposed to use third-party dependencies in your solution (just the core Node.js modules), or
you're not supposed to include node_modules in your submission (which is good practice anyway), but instead just have a package.json (and possibly a lockfile) so your instructor can npm i / yarn to install the packages.
When building an app that has node_modules you aren't supposed to include this anyway.
Install any node_modules that are required for your application to run and when sibmitting just leave out the node_modules folder.
Your package file will include everything that your instructor can check over or install on their end if necessary.
I found this random example on github: https://github.com/hayanisaid/nextjs-intro-example
As you can see by looking they have there package files but no node_modules, when you clone this repo you would run npm install which would create and install the packages
package.json contains information about node modeuless.
If u deleted node modules, you just have to run npm i --save.
All the dependency will be downloaded through this.
Just use npm/yarn install if you remove the folder.

npm install: Verfication failed while extracting

READ BEFORE ANSWER: I've already solved this issue. It was a caching issue on the npm servers. Everything works fine after switching to GitHub packages. I've already accepted my own answer.
I have a project, which I want to deploy to elastic beanstalk but sometimes the deploy fails on the npm install script with the following message:
npm ERR! code EINTEGRITY
npm ERR! Verification failed while extracting #my-package#^1.2.0:
npm ERR! Verification failed while extracting #my-package#^1.2.0:
npm ERR! sha512-lQ...HA== integrity checksum failed when using sha512: wanted sha512-lQ...HA== but got sha512-nH...ow==. (4835509 bytes)
It fails even on packages which are severel weeks old.
I’ve tried:
npm cache clean --force
npm cache verify
node_modules is in .npmignore
package-lock.json is in .npmignore
Writing a mail to support#npmjs.com, but they replying always with some helpless default replies without any solution or intention to help.
It fails even on new elastic beanstalk instances.
I have no idea how to solve this problem.
EDIT: I've also tried to delete the npm cache while preinstall script, but it doesn't work either.
EDIT2: My repo has no package-lock.json.
EDIT3: My .npmrc file has the following content
//registry.npmjs.org/:_authToken=${NPM_TOKEN}
unsafe-perm=true
package-lock=false
strict-ssl=false
EDIT4: I think it wasn't clear: It's a private package on the official npm registry. And it doesn't fail always. The current publish process includes several attempts to deploy on aws instance so long as it's succeed.
Have u try to delete package-lock.json?
OR
Try to delete npm and npm-cache folders
THEN
re-run npm install
Not exactly your case, but for those who run into the "integrity checksum failed" error the following might help. But first make sure you understand what's going on. npm tells you that the checksum from https://registry.npm.org doesn't match the one from package-lock.json. Either it changed in the registry, or...
Consider a line from the output:
npm ERR!
sha512-lQ...HA==
integrity checksum failed when using sha512: wanted
sha512-lQ...HA==
but got
sha512-nH...ow==
. (4835509 bytes)
Find the package in package-lock.json by the first two integrity checksums (sha512-lQ...HA==), and put the third one (sha512-nH...ow==) into its "integrity" field.
More on it here.
It seems to be a caching issue at the npm servers. We've switched from npm to GitHub packages, everything works fine there.
It could be that the version of NPM on these instances are out of date. Could you try either: npm install -g npm
Have you made sure that when this is deployed to beanstalk that the package-lock file is not on the instance? - If you have a bad lock file it needs to be deleted and re-generated.
Short of that, would need more information as you seem to have exhausted a lot of options.
This can happen if you request a version that is not available on the registry.
With #my-package#^1.2.0 you're requesting a version between >=1.2.0 and <2.0.0. Could it be that on this registry there is only a version that is older than 1.2.0 or newer than 2.0.0? Npm will install whatever it gets and not raise an error here.
You can check the version you get in an npm install by looking into node_modules/my-package/package.json.
If this is not happening when doing a local npm install, check wether the npm registry Amazon uses is containing your my-package package.
You could try to add the official npm registry to your Beanstalk project to check if it was the Amazon npm registry that did not contain your package. See How to use a private npm registry on Elastic Beanstalk? how to do this.
It seems to be a package-lock.json issue.
As in this answer
If you have not pushed package-lock.json in your repo, it will be generated while running npm install. So it is always better to add package-lock.json in the repo to avoid inconsistent package-lock.json files across local machine and deployment machine.
Could you please try pushing a fresh package-lock.json file to the repo and try?
In my case, as razki alludes to, the version of npm/node on the build server differed significantly from the version on the developer's local computer. Updating to a close enough version got rid of this problem.
For example:
The build server had: npm/6.13.4 node/v12.14.1
The developer has:    npm/6.14.8 node/v14.15.1.
The build server now: npm/6.14.10 node/v14.15.4
It seems the different versions calculate the sha differently for the same package. This is why removing the package-lock.json file can work in this particular situation - at least for a while, until the computer with the different version tries to build the project again.
Basically its concern about npm registery, Some home npm registery has been updated to another url.
You can run below command to see npm registery
npm config get registry
It should be set it
https://registry.npmjs.org/
If its not then run below command
npm config set registry https://registry.npmjs.org/
It will set npm registery. Now you can try again for
npm i
and it will install package successfully.

Using specific version of npm shrinkwrap

I am deploying my node.js app to Appfog but since their install script cannot parse npm-shrinkwrap.json the whole deploy process fails.
An example dependency in shrinkwrap.json today looks like this
"async": {
"version": "0.2.10",
"from": "async#0.2.10", <--- This line breaks install script at appfog
"resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz"
},
I went through the whole shrinkwrap file and removed the "from" part from each dependency declaration and i managed to upload my application, and it works.
So my question is , how do i use an older version of npm shrinkwrap so i can get the version of shrinkwrap.json that i need?
Appfog support told me i need to use version 1.1.21 but i have not succeeded in installing it.
Please ask if some info is missing.
if you just want to use an older version of npm, you can install it via npm (i know that sounds strange, but its possible)
npm install npm#1.1.21
edit: so you try to install a version of npm which does not exist. just run
npm view npm
and take a look at the property version, to see which versions you could install via npm.
you will see that 1.1.21 does not exist in the registry, which means that you should try to install it via github (see answer by #sakai).
but then you see the next problem. you are using node#0.10.26, and npm 1.1.21 is probably not compatible with node#0.10.x.
so i for myself see basically 2 possible solutions:
Solution 1:
use n (or maybe nvm for switching node-versions back and forth. you could try to install a node#0.8.x version and try to install npm#1.1.21 there, and when done with shrinkwrapping switch back to your current node version.
Solution 2
you could setup some kind of grunt/gulp-task (i hope you use one of them) to run grunt/gulp shrinkwrap, which generates your shrinkwrap.json (via npm shrinkwrap) and when done cleans up your shrinkwrap.json
Try this:
npm install https://github.com/npm/npm/archive/v1.1.21.tar.gz
node ./node_modules/npm/bin/npm-cli.js shrinkwrap
Another—possibly simpler—solution is to just include node_modules into your repo.
Related: Should I check in node_modules to git when creating a node.js app on Heroku?

npm install forked git with submodule

I'm trying to get npm to install node-gitteh as a dependency via npm install which reads from package.json. Unfortunately this npm package is broken in node 0.6.x, but no problem as there's a forked repo that fixes the issues (https://github.com/hughsk/node-gitteh.git).
Now the issue is that this forked repo has a submodule, so if I try to download the tar from github in the package.json:
, "dependencies" : {
"gitteh" : "https://github.com/hughsk/node-gitteh/tarball/master"
}
I get an error that equates to "submodule folder not found". If I clone the same repo manually and do a recursive submodule update and an npm install from the node-gitteh folder, it works fine, but I can't figure out how to get npm to do this.
I've had the same problem and so far have just relied on cloning my module into node_modules and doing a submodule update manually. It would be nice to have npm handle this automatically.
In package.json there's a scripts field (see npm docs)
So could do
"scripts":{"preinstall": "git submodule update -i -r"}
See https://github.com/isaacs/octave-test for an example of this.
According to the docs, you need to supply the git url in a special format.
Also, it needs to point to git repo (same address you would use for git clone), not the tarball provided by github.
In your case (git over https), it would be:
, "dependencies" : {
"gitteh" : "git+https://github.com/hughsk/node-gitteh"
}
Using this, npm will default to the master branch.

Using npm to install or update required packages just like bundler for rubygems

I love Bundler, it's great at dependency management. I love npm, installing node packages is easy! I have a nodejs app and would love to be able to specify my apps dependencies and easily install / update them wherever I deploy my app. This isn't a library I'm releasing, it's a full fledged web-app.
I'm aware of the npm bundle command, but that just seems to simply override the directory where packages are installed.
I'm used to using bundler in this fashion:
# Gemfile
gem "rails", "3.0.3"
Installs rails v3.0.3 and any other required gems on the host machine only if it doesn't already exist
> bundle install
How can I achieve something similar with npm?
As of npm 1.0 (which is now what you get by default if you follow the steps in the README file), "bundle" is no longer a segregated thing -- it's just "how it works".
So:
Put a package.json file in the root of your project
List your deps in that file
{ "name" : "my-project"
, "version" : "1.0.0"
, "dependencies" : { "express" : "1.0.0" } }
npm install Since you're calling this with no args, and not in global mode, it'll just install all your deps locally.
require("express") and be happy.
Edit: This only applies to npm versions < 1.0
It was quite difficult to figure this out, but NPM makes this possible.
You need three components
A subdirectory in your repository (i.e. deps/)
A package.json file in the above directory that lists dependencies
An index.js file in the above directory that requires your dependencies
Example
Imagine that express is your only dependency
deps/package.json
note: Increment the version # each time you modify the dependencies
{
"name": "myapp_dependencies",
"version": "0.0.1",
"engines": {
"node": "0.4.1"
},
"dependencies":{
"express": "2.0.0beta2"
}
}
deps/index.js
export.modules = {
express: require('express')
//add more
}
Now you should be able to install your dependencies using npm. You could even make this part of your deployment process
cd deps
npm install
Then within your app code you can get access to your specific version of express like this:
var express = require('myapp_dependencies').express;
You should read these two articles from Isaacs(author npm) blog. I think they are really good, and I believe tell you how to achieve your goal:
http://blog.izs.me/post/1675072029/10-cool-things-you-probably-didnt-realize-npm-could-do
http://foohack.com/2010/08/intro-to-npm/
I believe link #1(point #11) explains this:
11: Bundle all your dependencies into the package itself
When you use the
npm bundle command, npm will put all
your dependencies into the
node_modules folder in your package.
But it doesn’t stop there.
If you want to depend on something
that’s not on the registry, you can do
that. Just do this:
npm bundle install
http://github.com/whoever/whatever/tarball/master
This will install the contents of that
tarball into the bundle, and then you
can list it as a dependency, and it
won’t try to install it when your
package gets installed.
This also is handy if you have your
own fork of something, and would
prefer not to change the name.
In fact, you can run almost any npm
command at the bundle. To see what’s
inside, you can do npm bundle ls. To
remove something, do npm bundle rm
thing. And, of course, you can install
multiple versions and activate the one
you want.
As of Npm version 1.1.2 , there's a new command npm shrinkwrap which creates an npm-shrinkwrapped.json file, analogous to Gemfile.lock. It's important to make one, to prevent software rot (see Bundler's rationale). Particularly as Nodejs has such a fast moving community.
While bundle install creates a Gemfile.lock automatically, npm install won't create npm-shrinkwrapped.json (but will use it when it exists). Hence you need to remember to use npm shrinkwrap.
Read a full guide at http://blog.nodejs.org/2012/02/27/managing-node-js-dependencies-with-shrinkwrap/
It seems to me that the simplest solution is to use a package.json file with the private flag (added to npm just last month) set to true. That way, you can run npm install or npm bundle to grab your project's dependencies, but you prevent anyone from accidentally publishing your non-public project.
Here's an example package.json:
{
"name": "yourProject"
,"version": "1.0.0"
,"dependencies": { "express" : ">=2.1.0" }
,"private": true
}
Running npm install will install express on the local system if it doesn't already exist; running npm publish gives an error because of the "private": true.
You and your team can use the version tag internally to track dependency changes over time—each time you change a dependency, bump the version. To see which version you've installed, use npm ls installed.
Publish your app with npm as well, and list its dependencies in your package.json file.
When someone uses npm to install your package, npm will take care of resolving its dependencies.
Packages spec: http://wiki.commonjs.org/wiki/Packages/1.0

Categories