The npm community forum has been discontinued.
To discuss usage of npm, visit the GitHub Support Community.
Your configured registry (https://registry.npmjs.org/) does not support audit requests.
I’m having (intermittent) trouble running audits on a namespaced package:
my-computer$ node --version v10.13.0 my-computer $ npm --version 6.4.1 my-computer $ npm audit npm ERR! code ENOAUDIT npm ERR! audit Your configured registry (https://registry.npmjs.org/) does not support audit requests. npm ERR! A complete log of this run can be found in: …
0 info it worked if it ends with ok 1 verbose cli [ '/Users/me/.nvm/versions/node/v10.13.0/bin/node', 1 verbose cli '/Users/me/.nvm/versions/node/v10.13.0/bin/npm', 1 verbose cli 'audit' ] 2 info using firstname.lastname@example.org 3 info using email@example.com 4 verbose npm-session ae8198aa32a23cc7 5 timing audit compress Completed in 16ms 6 info audit Submitting payload of 92242 bytes 7 http fetch POST 500 https://registry.npmjs.org/-/npm/v1/security/audits 50350ms 8 verbose stack Error: Your configured registry (https://registry.npmjs.org/) does not support audit requests. 8 verbose stack at Bluebird.all.spread.then.catch (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/lib/audit.js:172:18) 8 verbose stack at tryCatcher (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/node_modules/bluebird/js/release/util.js:16:23) 8 verbose stack at Promise._settlePromiseFromHandler (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/node_modules/bluebird/js/release/promise.js:512:31) 8 verbose stack at Promise._settlePromise (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/node_modules/bluebird/js/release/promise.js:569:18) 8 verbose stack at Promise._settlePromise0 (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/node_modules/bluebird/js/release/promise.js:614:10) 8 verbose stack at Promise._settlePromises (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/node_modules/bluebird/js/release/promise.js:689:18) 8 verbose stack at Async._drainQueue (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/node_modules/bluebird/js/release/async.js:133:16) 8 verbose stack at Async._drainQueues (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/node_modules/bluebird/js/release/async.js:143:10) 8 verbose stack at Immediate.Async.drainQueues [as _onImmediate] (/Users/me/.nvm/versions/node/v10.13.0/lib/node_modules/npm/node_modules/bluebird/js/release/async.js:17:14) 8 verbose stack at runCallback (timers.js:705:18) 8 verbose stack at tryOnImmediate (timers.js:676:5) 8 verbose stack at processImmediate (timers.js:658:5) 9 verbose cwd /Users/me/Code/my-project 10 verbose Darwin 18.2.0 11 verbose argv "/Users/me/.nvm/versions/node/v10.13.0/bin/node" "/Users/me/.nvm/versions/node/v10.13.0/bin/npm" "audit" 12 verbose node v10.13.0 13 verbose npm v6.4.1 14 error code ENOAUDIT 15 error audit Your configured registry (https://registry.npmjs.org/) does not support audit requests. 16 verbose exit [ 1, true ]
I also notice that when I ran
npm install, it changed a bunch of entries in my
package-lock.json along these lines:
- "integrity": "sha512-XsP0vf4As6BfqglxZqbqQ8SR6KQot2AgxvR0gG+WtUkf90vUXchMOZQtPf/Hml1rEffJupqL/tIrU6EYhsUQjw==", + "integrity": "sha1-CynUHmqA+p4tSlvp1gLh2dAhd/Y=",
This was raised in GitHub as npm/npm#20960, but was closed without being addressed.
I have no trouble running an audit on a non-namespaced package that consumes the namespaced package in question.
The HTTP response for
HTTP 500 Date: Tue, 27 Nov 2018 21:44:26 GMT Content-Type: application/json Content-Length: 31 Connection: keep-alive Set-Cookie: ,__cfduid=[REDACTED]; expires=Wed, 27-Nov-19 21:43:35 GMT; path=/; domain=.registry.npmjs.org; HttpOnly, Expect-CT: max-age=604800 report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary: Accept-Encoding Server: cloudflare CF-Ray,4807c5702c17541a-LAX X-Fetch-Attempts: 1 An error occurred
I don’t see much useful info in there, other than the 500, which points to an exception in the server.
(post withdrawn by author, will be automatically deleted in 24 hours unless flagged)
npm update then
Good idea! Sadly, I get the same output. I also tried
$ npm install -g npm $ npm audit
with the same results.
Since there was a recent deprecation for
fsevents, delete your
node_modules folder then try running
npm install -->
npm update -->
See also the possibly related bug report here:
(Edit: I somehow only registered that other report as being ‘npm audit returns 500’, and not that it was specifically about
@stephanie Sadly, no change after this, either.
@larsgw great find! Unfortunately,
$ npm ls event-stream @firstname.lastname@example.org /Users/jamesrosen/Code/fui-chrome └── (empty) $ npm ls flatmap-stream @email@example.com /Users/jamesrosen/Code/fui-chrome └── (empty)
But now I have a lead that the problem might be a yanked version, even if that package isn’t
Did you delete all your npm packages/node_modules?
$ rm -rf node_modules $ npm i $ npm update $ npm ls event-stream @firstname.lastname@example.org /Users/jamesrosen/Code/fui-chrome └── (empty) $ npm ls flatmap-stream @email@example.com /Users/jamesrosen/Code/fui-chrome └── (empty) $ npm audit (fails)
By selectively removing things from
package-lock.json, then running
npm audit, I’ve narrowed the problem down to a small handful of dependencies. One of them is
ember-cli-pagination@^3.1.3. I haven’t made it any further than that.
Hmm options you can try:
- Clearing your npm cache
- Downgrading that version of ember-cli-pagination
- Delete node_modules, delete package-lock.json, then run npm install, npm update, then audit.