npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

Npm audit returns Bad Request (error 400) for GitHub dependencies which are required by other dependencies - draft-js example

What I Wanted to Do

I wanted to audit my package (npm audit)

What Happened Instead

Error 400 returned - Bad Request

Reproduction Steps

Use the following package.json:

{
    "name": "test",
    "version": "1.0.0-SNAPSHOT",
    "private": true,
    "dependencies": {
        "draft-js": "git+https://github.com/facebook/draft-js.git",
        "draft-js-custom-styles": "^2.0.4"
    }
}

Run the following commands:

npm install
npm audit

Error 400 is returned on running npm audit.

Details

Platform Info

$ npm --versions
{ test: '1.0.0-SNAPSHOT',
  npm: '6.4.1',
  ares: '1.10.1-DEV',
  cldr: '32.0',
  http_parser: '2.8.0',
  icu: '60.1',
  modules: '57',
  napi: '3',
  nghttp2: '1.32.0',
  node: '8.11.4',
  openssl: '1.0.2p',
  tz: '2017c',
  unicode: '10.0',
  uv: '1.19.1',
  v8: '6.2.414.54',
  zlib: '1.2.11' }
$ node -p process.platform
win32

Important note

Please note that similar issue was raised in support channel a couple of months ago (400s coming back from registry on npm audit) with discussion of the potential problem and agreement was reached to file a bug report, but I haven’t found it. Now I’m filing a bug report with a short reproducible sample for the same issue.


This is the bug I opened subsequently. Appears to be the same issue at a casual glance.


Having the same issue

$ npm --versions
{ panel: '1.0.0',
  npm: '6.4.1',
  ares: '1.10.1-DEV',
  cldr: '31.0.1',
  http_parser: '2.7.0',
  icu: '59.1',
  modules: '57',
  nghttp2: '1.25.0',
  node: '8.9.4',
  openssl: '1.0.2n',
  tz: '2017b',
  unicode: '9.0',
  uv: '1.15.0',
  v8: '6.1.534.50',
  zlib: '1.2.11' }
$ node -p process.platform
win32


confirmed as duplicate