pnpm: pnpm audit with public registry sends a 502 status
pnpm version:
5.5.1
Code to reproduce the issue:
pnpm audit --registry=https://registry.npmjs.org --prod
Expected behavior:
Should be running an audit
Actual behavior:
Seems to be failing on a 502 status
WARN post https://registry.npmjs.org/-/npm/v1/security/audits error (502). Will retry in 10 seconds. 2 retries left.
WARN post https://registry.npmjs.org/-/npm/v1/security/audits error (502). Will retry in 1 minute. 1 retries left.
Additional information:
I get this in pnpm workspaces, not sure about a single repo.
The following command works with npm:
npm install --ignore-scripts --package-lock-only && npm audit --production --registry=https://registry.npmjs.org
node -vprints: v12.15.0- Windows, OS X, or Linux?: OSX
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 11
- Comments: 24 (7 by maintainers)
Commits related to this issue
- fix(audit): public registry responds with 502 error close #2848 — committed to pnpm/pnpm by zkochan 3 years ago
- fix(audit): public registry responds with 502 error close #2848 — committed to pnpm/pnpm by zkochan 3 years ago
- fix(audit): public registry responds with 502 error (#3403) close #2848 — committed to pnpm/pnpm by zkochan 3 years ago
🚢 6.2.2
I’ve been running into this issue with
pnpm auditreturning a 502 for a while now as well and have been following this PR. I am using PNPM in a Rush repository and just realized that setting"useWorkspaces": truein myrush.jsonconfiguration file seems to cause this 502 for some reason.If I disable
useWorkspaces(the Rush default), suddenly I get a regular response from npm audit.Hi @zkochan, I’ve reproduced the issue in that monorepo:
https://github.com/soundstep/pnpm-audit-playground
I’ve added steps in the main readme.
still happening for me with pnpm 6.0.2 / node 14.16
Not sure what happened, maybe something changed in the registry but now it seems to work.
npm 7 has workspace support as well, so we can try to debug what format it uses to audit a monorepo.