I have the Dependabot GitHub action enabled in my React Native app's repository but for some reason, it won't automatically update. I have 2 dependencies that won't:
xmldon 0.5.0 and node-fetch 2.6.1
I keep getting this error when I try to Create Dependabot security update:
Dependabot failed to update your dependencies because there was an error parsing the package.json found at /package.json.
Dependabot encountered the following error:
Dependabot::DependencyFileNotParseable
Also, I shouldn't have to manually create a dependabot security updates since my github action should automate it, which looks like this:
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
# Maintain dependencies for npm
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
# Maintain dependencies for Python files in requirements.txt
- package-ecosystem: "pip"
directory: "/"
schedule:
interval: "weekly"
Route: my-app/.github/dependabot.yml
Am I missing something here? I enabled this the exact same way for my website, which is written in React.js, and it's working perfectly.
Related
I have a repository that is showing npm security advisories from dependabot, even though I only have the "pip" ecosystem configured:
version: 2
updates:
- package-ecosystem: "pip"
directory: "/src/" # Location of package manifests
schedule:
interval: "weekly"
My npm packages are only used at build time, and not deployed. But looks like dependabot sees them because they are in the src/static directory.
I haven't found documentation on this particular issue.
Has anyone found the same situation? How did you solve it?
I have successfully created a Nuxt.js project with this configuration using the CLI:
Project name: test
Programming language: JavaScript
Package manager: Npm
UI framework: None
Nuxt.js modules: None
Linting tools: None
Testing framework: None
Rendering mode: Single Page App
Deployment target: Static (Static/JAMStack hosting)
Development tools: jsconfig.json
Version control system: Git
The developement server runs properly with npm run dev.
npm run build also runs without errors and tells me that:
Ready to run nuxt generate
But the execution of nuxt generate leads to the error Command 'nuxt' not found. This is strange because nuxt seems to be installed when I execute npm nuxt list.
I first reinstalled just nuxt and then all dependencies after deleting the node_modules/ folder, but the error remains the same. If I just run npm run start it tells me
Nuxt Fatal Error
Error: Output directory `dist/` does not exists, please use
`nuxt generate` before `nuxt start` for static target.
This is strange again because the .nuxt/dist/ folder exists.
Does anyone have an idea what is going wrong?
I have solved the problem. For me it works if I run npm run generate instead of nuxt generate.
I've been trying to use ESLint along with Standard and I haven't been able to get it to work. I've tried setting it up through eslint --init, uninstalling eslint globally and having all the packages locally, installing each package manually npm install --save-dev eslint eslint-config-standard eslint-plugin-standard eslint-plugin-promise eslint-plugin-import eslint-plugin-node, reinstalling ESLint extension and nothing so far. I'm perfectly able to run ./node_modules/.bin/eslint --fix ... in order to fix/check errors but it doesn't work with the VSCode extension by any meanings. I don't have prettier so it isn't related to it either.
Output:
[Info - 12:33:20 AM] ESLint server is running.
[Info - 12:33:23 AM] ESLint library loaded from: c:\Users\h08FXplsV8\Documents\dev\node\graphql-bootcamp\graphql-prisma\node_modules\eslint\lib\api.js
[Error - 12:33:25 AM]
Failed to load plugin 'import' declared in 'graphql-prisma\.eslintrc » eslint-config-standard': Cannot find module 'eslint-plugin-import'
Require stack:
- C:\Users\h08FXplsV8\Documents\dev\node\graphql-bootcamp\__placeholder__.js
Happened while validating C:\Users\h08FXplsV8\Documents\dev\node\graphql-bootcamp\graphql-prisma\src\resolvers\index.js
This can happen for a couple of reasons:
- The plugin name is spelled incorrectly in an ESLint configuration file (e.g. .eslintrc).
- If ESLint is installed globally, then make sure 'eslint-plugin-import' is installed globally as well.
- If ESLint is installed locally, then 'eslint-plugin-import' isn't installed correctly.
.eslintrc:
{
"env": {
"es6": true,
"node": true
},
"extends": [
"standard"
],
"globals": {
"Atomics": "readonly",
"SharedArrayBuffer": "readonly"
},
"parserOptions": {
"ecmaVersion": 2018,
"sourceType": "module"
},
"rules": {
}
}
I've seen other questions in SO related to this issue but none of the solutions worked, unfortunately.
I had the same issue for many weeks and finally found this thread and comment on Github: https://github.com/microsoft/vscode-eslint/issues/696#issuecomment-542592372
My issue turned out to be related to subdirectories. As soon as I made the project the only open project with an .eslintrc.js file, all of my linting issues went away.
Hopefully this works for you.
To fix the dependency tree, try following these steps in the exact order:
Delete package-lock.json (not package.json!) and/or yarn.lock in your project folder.
Delete node_modules in your project folder.
Remove "babel-eslint" from dependencies and/or devDependencies in the package.json file in your project folder.
Run npm install or yarn, depending on the package manager you use.
Also, be sure, that you have latest version of "eslint-plugin-import" plugin, as in my case, for example i had this error with "2.20.1" version, but latest "2.25.3" solved this issue
I had the same error caused by the eslint-plugin-import dependency and in my case, I got rid of the error by increasing to the latest version of the package.
For those having the following error with flutter firebase cloud functions after running firebase init functions and trying to run firebase deploy --only functions:
ESLint: 8.9.0
Error: Failed to load plugin 'import' declared in '.eslintrc.js': Cannot find module 'es-abstract/2021/RequireObjectCoercible'
Require stack:
- C:\Users\xx\Documents\xx\xx\functions\node_modules\eslint-plugin-import\lib\ExportMap.js
- C:\Users\xx\Documents\xx\xx\functions\node_modules\eslint-plugin-import\lib\rules\named.js
- C:\Users\xx\Documents\xx\xx\functions\node_modules\eslint-plugin-import\lib\index.js
- C:\Users\xx\Documents\xx\xx\functions\node_modules\#eslint\eslintrc\dist\eslintrc.cjs
This was solved by:
delete node_modules in functions folder
delete package-lock.json in functions folder
cd .\functions\ in the terminal to get into functions folder, run npm i, cd ../
firebase deploy --only functions
I am having this issue too which was why I checked this post but did not see any answer that work for me. After searching online, I stumbled into this code which solves my problem.
npm i -D eslint #typescript-eslint/eslint-plugin
In my case, i was not using jest at all.
So i had to downgrade de eslint dev dependency:
"eslint": "^7.32.0",
as it say here: https://github.com/eslint/eslint/issues/15149#issuecomment-939501275
I'm migrating our gitlab CI script to yarn from npm and have the following line that saves npm error logs for 1 day:
artifacts:
expire_in: 1 day
paths:
- /root/.npm/_logs/
My question is, what is the corresponding path for yarn error logs?
I have found the following two docs for yarn but neither says anything about error logs and searching the yarn docs yield nothing.
Continuous Integration (https://yarnpkg.com/lang/en/docs/install-ci/#gitlab)
Migrating from npm (https://yarnpkg.com/en/docs/migrating-from-npm)
When there is a yarn error, a yarn-error.log file is created at the root directory of your project.
There seems to be no official documentation about this. But you can find the code here.
I have a react component project created with nwb. I'm using Travis and semantic-release to make the releases.
But now, when I publish a new version, the package published from Travis is almost empty, and only have three files: README, LICENSE and package.json.
My .travis.yml configuration...
sudo: false
language: node_js
cache:
directories:
- ~/.npm
notifications:
email: false
node_js:
- '8'
before_install:
- npm install npm codecov.io coveralls
after_success:
- cat ./coverage/lcov.info | ./node_modules/codecov.io/bin/codecov.io.js
- cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js
- npm run travis-deploy-once "npm run semantic-release"
branches:
only:
- master
The travis build looks ok and I can't see any errors. It discovers the new version and publish it, but just publish those three files.
The public Github repository is this...
https://github.com/rigobauer/react-abc2svg
... and you can check the travis build here...
https://travis-ci.org/rigobauer/react-abc2svg/jobs/332199646
If I set a version number manually in package.json and run npm publish in my computer, then the package is published correctly.
I've tried cleaning npm caches, reinstalling all dependencies, recreating .travis.yml using semantic-release-cli setup, etc. But I always get the same result. When I try to upgrade or install the package in another project, the directory in node_modules only have those three files.
Any idea of where could be the problem?
UPDATED: I've recreated the project from scratch with nwb, reinstalling dependencies, etc. And I have the same problem.
UPDATED 2: I have the list of directories configured in package.json like this...
"files": [
"css",
"es",
"lib",
"umd"
]
... but I've also tried creating a .npmignore file. The problem persists.
Got it! Thanks to the semantic-release guys, I realize that I have to manually indicate to Travis to run my build script (generated with nwb). So just changing this to .travis.yml make it work...
.......
after_success:
- cat ./coverage/lcov.info | ./node_modules/codecov.io/bin/codecov.io.js
- cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js
- npm run build
- npm run travis-deploy-once "npm run semantic-release"
........
I thought that Travis was doing that automatically, because I have another component project made using the exactly same process, and that package was ok (and that's what was driving me crazy). After reading their answer, I re-check everything and realize that the I made the first publish of that package manually, and after that I incorporate semantic-release. The thing is that the next commits weren't related to feature or fix, so semantic-release doesn't generate a new release, and the original package was still there.
In case someone encounter the same type of issue, here is the Git issue with the answer: https://github.com/semantic-release/semantic-release/issues/615
I've found this in the Travis docs, maybe you should add the skip_cleanup: true option to your travis.yml (just a guess)