Message ID | 20220830114445.704328-1-nhorman@gmail.com |
---|---|
State | Accepted, archived |
Commit | 2cd76e8aabe4e803c760e60f06cfe1f470714ec7 |
Headers | show |
Series | Fix npm to use https rather than http | expand |
diff --git a/lib/bb/fetch2/npm.py b/lib/bb/fetch2/npm.py index 8f7c10ac..8a179a33 100644 --- a/lib/bb/fetch2/npm.py +++ b/lib/bb/fetch2/npm.py @@ -156,7 +156,7 @@ class Npm(FetchMethod): raise ParameterError("Invalid 'version' parameter", ud.url) # Extract the 'registry' part of the url - ud.registry = re.sub(r"^npm://", "http://", ud.url.split(";")[0]) + ud.registry = re.sub(r"^npm://", "https://", ud.url.split(";")[0]) # Using the 'downloadfilename' parameter as local filename # or the npm package name.
Hit this error while building nlf-native recently: { "error": { "summary": "URI malformed", "detail": "" } } Some poking about led me to discover that: 1) The npm.py tool replaces npm:// with http://, not https:// 2) Some versions of the npm tool don't handle 301 redirects properly, choosing to display the above error instead when using the default nodejs registry It would be good to go fix npm to handle the redirect properly, but it seems like it would also be good to assume secure http when contacting a registry, hence, this patch Signed-off-by: Neil Horman <nhorman@gmail.com> --- lib/bb/fetch2/npm.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)