Comments (15)
ralphtheninja
commented on June 2, 2024
1
Just a side note. When switching to another caching algorithm the current cache will be stale. Should we do something about that or just leave it be? Does this mean a new major version?
from prebuild-install.
ralphtheninja
commented on June 2, 2024
@pfitzseb What's the command I need to issue in order to reproduce this?
from prebuild-install.
pfitzseb
commented on June 2, 2024
In theory you should be able to reproduce with npm install node-pty-prebuilt or something like that.
However, I haven't been able to reproduce this in any way -- it seems like a very spurious issue.
from prebuild-install.
ralphtheninja
commented on June 2, 2024
I tried using node v9.11.1 (no prebuilts for node 10 have been made) and get this output
npm i --verbose:
prebuild-install info begin Prebuild-install version 2.5.3
prebuild-install info looking for local prebuild @ prebuilds/node-pty-prebuilt-v0.7.3-node-v59-linux-x64.tar.gz
prebuild-install info looking for cached prebuild @ /home/lms/.npm/_prebuilds/https-github.com-daviwil-node-pty-prebuilt-releases-download-v0.7.3-node-pty-prebuilt-v0.7.3-node-v59-linux-x64.tar.gz
prebuild-install info found cached prebuild
prebuild-install info unpacking @ /home/lms/.npm/_prebuilds/https-github.com-daviwil-node-pty-prebuilt-releases-download-v0.7.3-node-pty-prebuilt-v0.7.3-node-v59-linux-x64.tar.gz
prebuild-install info unpack resolved to /home/lms/tmp/node-pty-test/node_modules/node-pty-prebuilt/build/Release/pty.node
prebuild-install info unpack required /home/lms/tmp/node-pty-test/node_modules/node-pty-prebuilt/build/Release/pty.node successfully
prebuild-install info install Successfully installed prebuilt binary!
So it seems to be working fine (on linux at least).
@pfitzseb Have you tried reproducing on windows?
from prebuild-install.
ralphtheninja
commented on June 2, 2024
Just some background; prebuild-install caches all prebuilts in ~/.npm/_prebuilds and takes the URL and converts it to a proper file name, so
https://github.com/daviwil/node-pty-prebuilt/releases/download/v0.7.3/node-pty-prebuilt-v0.7.3-node-v59-linux-x64.tar.gz
becomes
https-github.com-daviwil-node-pty-prebuilt-releases-download-v0.7.3-node-pty-prebuilt-v0.7.3-node-v59-linux-x64.tar.gz
In theory we could try to be a little smarter here, if we really need to shorten the file name. Currently we're just replacing invalid characters with '-'.
from prebuild-install.
mathiask88
commented on June 2, 2024
I tried to reproduce this as well, but was not able to. I think more interesting is the OS/Filesystem. At least it is no prebuild-install issue, but as @ralphtheninja said maybe we could be a bit smarter in naming IF long paths are the reason.
from prebuild-install.
pfitzseb
commented on June 2, 2024
So apparently there's a 143 byte filename limit on encrypted Ubuntu filesystems, as @nwschurink found out.
Would you accept a PR for making the filename a (MD5?) hash of the URL or something similar that ensures a fixed size filename (much) shorter than 140 chars?
from prebuild-install.
ralphtheninja
commented on June 2, 2024
Would you accept a PR for making the filename a (MD5?) hash of the URL or something similar that ensures a fixed size filename (much) shorter than 140 chars?
Def. If you want to hack something up for discussion.
from prebuild-install.
vweevers
commented on June 2, 2024
-1 on hashing as it would make the files hard to identify for humans. How about something like:
/home/user/.npm/_prebuilds/daviwil-node-pty-v0.7.3-node-v59-linux-x64.tar.gz (76 chars)
Not sure how'd it work with custom binaries though.
from prebuild-install.
ralphtheninja
commented on June 2, 2024
@vweevers Agree on the downside of hashing. The file name in itself should be good enough imo.
from prebuild-install.
mathiask88
commented on June 2, 2024
-1 on hashing as well for the same reasons. What about reducing the file name and append the reduced information to the path instead? So we utilize the PATH_MAX which seems to be always higher or at least equal than NAME_MAX.
from prebuild-install.
vweevers
commented on June 2, 2024
What about reducing the file name and append the reduced information to the path instead?
That could work, if we really need that reduced information.
from prebuild-install.
vweevers
commented on June 2, 2024
If you switch to a mirror, should the filename (or path) change?
from prebuild-install.
pfitzseb
commented on June 2, 2024
Current:
~/.npm/_prebuilds/https-github.com-daviwil-node-pty-prebuilt-releases-download-v0.7.3-node-pty-prebuilt-v0.7.3-node-v59-linux-x64.tar.gz
-
Option 1 (what @mathiask88 suggests, if I understand correctly):
~/.npm/_prebuilds/https-github.com/daviwil/node-pty-prebuilt/releases/download/v0.7.3/node-pty-prebuilt-v0.7.3-node-v59-linux-x64.tar.gz -
Option 2 (prefixed partial checksum):
~/.npm/_prebuilds/71a2427262-node-pty-prebuilt-v0.7.3-node-v59-linux-x64.tar.gz
where71a2427262are the first 10 chars of the download URL checksum. -
Option 3 (checksum only):
~/.npm/_prebuilds/71a242726206b5e537d3a82de5e16791.tar.gz
Option 3 is probably out of the question for the reasons listed above. I kinda like Option 2 since it doesn't create so many directories (at the cost of some info though).
from prebuild-install.
ralphtheninja
commented on June 2, 2024
Fix released in 4.0.0
from prebuild-install.
Related Issues (20)
- Resolve vulnerabilities in dependencies (npmlog>gauge>ansi-regex) HOT 4
- Remove `rc` dependency HOT 2
- Version bump of `npmlog` HOT 1
- Resolve CVE-2022-0355 by upgrading to simple-get 4.0.1+ HOT 1
- Update simple-get to 4.0.1 HOT 1
- Resolve vulnerability in dependencies (simple-get < 4.0.1) HOT 1
- Please update simple-get dependency to resolve security issue. HOT 1
- npm_config_* variables are not available in npm v7+ which breaks prebuild platform overrides HOT 3
- prebuild-install can't install node-canvas prebuild HOT 1
- CVE-2021-44906: Minimist <=1.2.5 is vulnerable to Prototype Pollution HOT 2
- Can't install package in private network HOT 4
- How to disable enforced compilation? HOT 1
- Mirroring with custom host much harder compared with node-pre-gyp
- [CVE-2022-0355] Exposure of Sensitive Information to an Unauthorized Actor in NPM simple-get prior to 4.0.1 HOT 5
- Expired certificate HOT 2
- prebuild-install not found HOT 2
- prebuild-install WARN install No prebuilt binaries found HOT 1
- Critical CVE reported in latest ([email protected]) HOT 2
- prebuild-install will mutate the contents of an hard-linked `.node` file
- why doesn't it honor NPM_CONFIG_CACHE? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prebuild-install.