Npm audit returns Bad Request (error 400) for GitHub dependencies which are required by other dependencies - draft-js example


(Alexey Subach) #1

What I Wanted to Do

I wanted to audit my package (npm audit)

What Happened Instead

Error 400 returned - Bad Request

Reproduction Steps

Use the following package.json:

{
    "name": "test",
    "version": "1.0.0-SNAPSHOT",
    "private": true,
    "dependencies": {
        "draft-js": "git+https://github.com/facebook/draft-js.git",
        "draft-js-custom-styles": "^2.0.4"
    }
}

Run the following commands:

npm install
npm audit

Error 400 is returned on running npm audit.

Details

Platform Info

$ npm --versions
{ test: '1.0.0-SNAPSHOT',
  npm: '6.4.1',
  ares: '1.10.1-DEV',
  cldr: '32.0',
  http_parser: '2.8.0',
  icu: '60.1',
  modules: '57',
  napi: '3',
  nghttp2: '1.32.0',
  node: '8.11.4',
  openssl: '1.0.2p',
  tz: '2017c',
  unicode: '10.0',
  uv: '1.19.1',
  v8: '6.2.414.54',
  zlib: '1.2.11' }
$ node -p process.platform
win32

Important note

Please note that similar issue was raised in support channel a couple of months ago (400s coming back from registry on npm audit) with discussion of the potential problem and agreement was reached to file a bug report, but I haven’t found it. Now I’m filing a bug report with a short reproducible sample for the same issue.


(Josh Clow) #2

This is the bug I opened subsequently. Appears to be the same issue at a casual glance.


(XzeroD) #3

Having the same issue

$ npm --versions
{ panel: '1.0.0',
  npm: '6.4.1',
  ares: '1.10.1-DEV',
  cldr: '31.0.1',
  http_parser: '2.7.0',
  icu: '59.1',
  modules: '57',
  nghttp2: '1.25.0',
  node: '8.9.4',
  openssl: '1.0.2n',
  tz: '2017b',
  unicode: '9.0',
  uv: '1.15.0',
  v8: '6.1.534.50',
  zlib: '1.2.11' }
$ node -p process.platform
win32