Does yarn have an equivalent to unsafe-perm=true? - yarnpkg

As far as I understand, I can add a .npmrc file to the root of my directory to prevent node packages to be installed as non-root user when using npm.
Is there an equivalent flag, option, or config when using yarn?

You can use yarn config set unsafe-perm true to get the equivalent result.
See Yarn Docs for config set and this Github answer explaining that unsafe-perm is false by default. Unfortunately, there isn't anything about it in the official docs.

Related

How to set no proxy in yarn

I am trying to install packages from within the corporate network along with some packages that exist within the corporate repository. I was able to configure the following proxy settings for yarn
yarn config set proxy "${PROXY}"
yarn config set https-proxy "${PROXY}"
But since some packages exist within the corporate network installing them fails. I couldnt find a way to set no proxy for internal corporate urls. There is a workaround posted here - https://github.com/yarnpkg/yarn/issues/5048#issuecomment-604181595. But I would like to know if there is a better way
yarn doesn't seem to to have a concept of no proxy. It either tries to proxy everything or nothing...very naive. Fortunately, npm does so we use npm for all of our projects.

Is there difference `yarn dev` and `yarn run dev`?

To run the local server for development I normally use yarn run dev.
But it seems yarn dev provides same function. Is this command just a short alias for yarn run dev?
I couldn't find info for yarn dev in documents.
You can leave out run from this command.
Basically, not only dev command, you can directly use any scripts by name without keyword run.
So, yarn dev and yarn run dev both do the same.
From the docs:
https://classic.yarnpkg.com/en/docs/cli/run/
It’s also possible to leave out the run in this command, each script can be executed with its name
And a similar example is given for yarn 2
https://yarnpkg.com/cli/run
Same thing, but without the "run" keyword :

How to access npm git-dependency from jenkins?

In my package.json I have a depedency to antoher git repository:
"my-dependeny":"git+https://somehost.com/my-dependency.git#<commit-hash>"
After running npm install this works fine while developing because git is using my personal stored credentials.
But executing npm install in a jenkins-pipline will fail, because there are not stored credentials. So I first tried to generate a deploy token in gitlab and edit the package.json:
"my-dependeny":"git+https://<deploy-token>:<password>#somehost.com/my-dependency.git#<commit-hash>"
Now it will work on jenkins!
But the problem with this approach is, that Windows autoamtically updates the credential for the host (somehost.com) in the Credentials Manager:
So when any developer is running npm install and is afterwards trying to access another project within the same host it will fail, because it will use the deploy-token for the autenthication.
Of course you could add new user to gitlab which has access to all relevant projects. Then you could store this user on jenkins, but this doesn't seem to be an optimal or even good solution.
Maybe there could also be a way to stop the Credential Manager from updating git credentials. But this also doesn't sound well, because every developer would have to prevent this, which is not very intuitive.
My Question
Is there a good way to access npm git-depencies from jenkins without requiring extra steps that need to be done by each developer?
I was finally able to find a solution by myself with the help of git-credential-store.
The following steps apply for linux systems, because in my case the Jenkins is running on Linux. But there should be a similiar solution for Windows systems.
Create empty ~/.git-credentials file. If you use a Dockerfile to copy the .git-credentials file you most likly have to use /root/git-credentials as path (e.g. COPY .git-credentials /root/)
Insert your credentials like the following to your ~/.git-credentials file:
<protocol>://<deploy-token>:<password>#<hostname>/<project>
Example:
https://gitlab+deploy-10:mYSecReTPaSSWord#somehost.com/my-dependency.git
or multiple credentials (follow 4. step below to enable this feature):
https://gitlab+deploy-10:mYSecReTPaSSWord#somehost.de/some-path/some-project.git
https://gitlab+deploy-11:otHerPaSSWord#somehost.de/some-path/some-other-project.git
NOTE:
The line-endings in the ~/.git-credentials have to be LF. If
they are CR;LF unexpected errors can occur.
git config --global credential.helper store
This will tell git that you wanna use your .git-credentials file for authentication.
(~/.git-credentials is the default location)
optional: git config --global credential.useHttpPath true
This is needed if you want to use mutliple Deploy Tokens for multiple projects within the same hostname. Without credential.useHttpPath true in the example above this would mean, that gitlab+deploy-10:mYSecReTPaSSWord would be used in every request to somehost.de. The HTTP path would be ignored completly.
The following is how I solved this in my jenkins file:
withCredentials([usernamePassword(credentialsId: 'my-git-username-and-api-token', passwordVariable: 'GIT_PASSWORD', usernameVariable: 'GIT_USERNAME')]) {
sh '''
git config --global credential.username ${GIT_USERNAME}
git config --global credential.helper "!echo password=${GIT_PASSWORD}; echo"
npm install
npm run build
'''
}
As you can see it uses GitHub username and API token from the credentials store. It also runs git config every time. For me this is necessary as I'm running my builds in a docker node. This solves the problem we encountered where git+https dependencies in npm were not being resolved in our jenkins pipeline.

Yarn - There appears to be trouble with your network connection. Retrying

I have been trying to do the quickstart guide for react native, but kept getting this error
There appears to be trouble with your network connection. Retrying...
My connection works just fine.
This happens when your network is too slow or the package being installed is too large, and Yarn just assumes it's a network problem.
Try increasing Yarn network timeout:
yarn add <yourPackage> --network-timeout 100000
Deleting the yarn.lock file and rerunning "yarn install" worked for me.
I got this issue because I was working within my company internal network and proxy needed to be set.
$ yarn config set proxy http://my_company_proxy_url:port
$ yarn config set https-proxy http://localhost:3128
example $ yarn config set https-proxy http://proxy.abc.com:8080
Simple working solution (right way of doing it):
Looks like yarn was trying to connect via a proxy. The following worked for me:
npm config rm proxy
npm config rm https-proxy
Source
Turning off "real time protection" with windows defender fixed it for me.
Sucks but it appears the checks are too much for yarn to handle.
Could be that your network speed is too slow and timeout is relatively short, you can set yarn install --network-timeout=30000
If you still have the error, could be solved by proxy, vim ~/.yarnrc and add useful proxy setting.
yarn config set network-timeout 600000 -g
Often, your error is caused by hitting the network connection time limit, and yarn simply reports there is "trouble with your network connection".
The line of code at the top of my answer sets the global yarn network timeout to 10 minutes.
Having a long network timeout is probably okay, because yarn uses caches and if it's big and you don't have it, you probably want it to just go ahead and take the time to download.
Could be a proxy issue. Run the command below to delete the proxy.
yarn config delete proxy
The following helped me
yarn config delete https-proxy
yarn config delete proxy
they set your https-proxy and proxy values to undefined. My https-proxy was set to localhost. Check that proxy and https-proxy config values are undefined by using the following
yarn config get https-proxy
yarn config get proxy
The large package involved often can be Material Design Icons.
Check if you make use of the Material Design Fonts material-design-icons in your package.json and remove it!
material-design-icons is too big to handle and you should only use material-design-icons-fonts if you only need them.
https://medium.com/#henkjan_47362/just-a-short-notice-for-whomever-is-searching-for-hours-like-i-did-a741d0cd167b
Turn off or disable your antivirus before run this command. I am also facing same issue than i disable quick heal antivirus and it is works.
create-react-app my-app
When I want to use yarn I have above error, but there is not any error with npm, for this situation you can install react project from npm
npx create-react-app app --use-npm
Deleting the yarn-lock file, doing a yarn cache clean and then a yarn solved my issue
npm install
worked for me (but my project was built with yarn)
Got the exact issue when trying yarn install
yarn install --network-timeout 100000
Just using this didn't solve my problem. I had to install only ~5 packages at a time. So I ran yarn install multiple times with only few dependencies in the package.json at a time.
Hope this helpful
In short, this is caused when yarn is having network problems and is unable to reach the registry. This can be for any number of reasons, but in all cases, the error is the same, so you might need to try a bunch of different solutions.
Reason 1: Outdated Proxy Settings
This will throw the "network connection" error if you are connected to a network that uses a proxy and you did not update yarn configs with the correct proxy setting.
You can start running the below commands to check what the current proxy configs are set to:
yarn config get https-proxy
yarn config get proxy
If the proxy URLs returned are not what you expect, you just need to run the following commands to set the correct ones:
yarn config set https-proxy <proxy-url>
yarn config set proxy <proxy-url>
Similarly, if you have previously set up the proxy on yarn but are no longer using a network connection that needs a proxy. In this case, you just need to do the opposite and delete the proxy config:
yarn config delete https-proxy
yarn config delete proxy
Reason 2: Incorrect Domain name resolution
This will throw the "network connection" error if for whatever reason your machine cannot resolve your yarn registry URL to the correct IP-address. This would usually only happen if you (or your organization) are using an in-house package registry and the ip-address to the registry changes.
In this case, the issue is not with yarn but rather with your machine. You can solve this by updating your hosts file (for mac users, this should be found in '/etc/hosts') with the correct values, by adding a mapping as follows:
<ip-address> <registry-base-url>
example:
10.0.0.1 artifactory.my.fancy.organiza.co.za
Adding option --network=host was the solution in my case.
docker build --network=host --progress=plain .
I encountered this error while attempting yarn outdated. In my case, a few of the packages in my project were hosted in a private registry within the company network. I didn't realize my VPN was disconnected so it was initially confusing to see the error message whilst I was still able to browse the web.
It becomes quite obvious for those patient enough to wait out all five retry attempts. I, however, ctrl-c'd after three attempts... 😒
In my case I found a reference to a defunct registry in my ~/.yarnrc file
When I removed that the error went away
This happened in my case trying to run yarn install.
My project is a set of many sub-projects.
After a couple of retries, it showed a socket-timeout error log:
error An unexpected error occurred: "https://<myregitry>/directory/-/subProject1-1.0.2.tgz: ESOCKETTIMEDOUT".
I cloned subProject1 separately, did yarn install on it and linked it with main project.
I was able to continue with my command on main project after that.
Once done, I unlinked the subProject1 and did a final yarn install --force which was success.
I got this error while trying to run yarn install - i use WSL with ubuntu distro, the following command fixed it,
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf > /dev/null
This may be a late answer but here are some possible reasons:
If you are behind a proxy you may need to configure .npmrc if you are using npm or .yarnrc if you are using yarn
If proxy is well setup, you may need remove yarn.lock or package-lock.json and re-run npm i or yarn
If you are working within a docker environment or elsewhere that might need a different approach where you are not modifying the installation process, try adding a file named .yarnrc in the root of the project with the problem (where your package.json resides) and in that file write:
network-timeout 600000
Docker will still run without modifying the docker-compose.yml file and you get the timeout solution.
I faced the same issue but adding VS Code to the Firewall Exception List has solved my issue.
I got the same issue but my case is totally different. I am on Linux, and I get this error because I had a service nginx status off.

Does yarn `--prefer-offline` by default

yarn has a --prefer-offline flag
Does it pull from the cache by default or is that flag needed?
What is the purpose of the local package cache if the flag is not used?
The flag changes behaviour.
If not set the default behaviour seems to be for yarn always to prefer to download if possible, using the cache only if offline.

Resources