apm
apm copied to clipboard
atom
Publishing a new package with SSH fails
Prerequisites
- [x ] Put an X between the brackets on this line if you have done all of the following:
- Reproduced the problem in Safe Mode: http://flight-manual.atom.io/hacking-atom/sections/debugging/#using-safe-mode
- Followed all applicable steps in the debugging guide: http://flight-manual.atom.io/hacking-atom/sections/debugging/
- Checked the FAQs on the message board for common solutions: https://discuss.atom.io/c/faq
- Checked that your issue isn't already filed: https://github.com/issues?utf8=✓&q=is%3Aissue+user%3Aatom
- Checked that there is not already an Atom package that provides the described functionality: https://atom.io/packages
Description
Pushed a new repo to github, ran apm publish patch, failed with:
[owen@twifty-lynx shared-config]$ apm publish patch Registering shared-settings ✗ Registering package in [email protected]:twifty/atom-shared-settings repository failed: That repo does not exist, isn't an atom package, or you do not have access
The package.json was configured with the SSH url of the repo. I tried refreshing my atom.io token and re-authorizing as mentioned in #759. Publishing existing packages work without a problem, it is only new packages which don't work.
I worked around the issue by using the https URL and manually entering my github credentials.
Versions
Manjaro Linux: 4.14 kernel Atom : 1.26.1 Electron: 1.7.11 Chrome : 58.0.3029.110 Node : 7.9.0 apm 1.19.0 npm 3.10.10 node 6.9.5 x64 atom 1.26.1 python 2.7.14 git 2.17.0
Additional info
I tried renaming the package to `shared-config' which resulted in the same error. I have just now noticed that this package exists on atom.io alongside the intended package . I'm not sure how to remove that erroneous package.
Have the same issue.
I have replicated the publishing API call with curl (authentication token removed in the dump). Changing the repository URL to https is a workaround (remember to create a "Personal access token" in the Github "Developer settings").
$ curl -v --http1.1 -X POST -H 'Content-Type: application/json' -d '{ "repository": "[email protected]:dschwen/action-explode-moose" }' -H 'Authorization: XXXXXXXXXXXXXXXXXXXXX' "https://atom.io/api/packages"
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 54.163.152.154...
* TCP_NODELAY set
* Connected to atom.io (54.163.152.154) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
{
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.atom.io
* start date: Apr 28 00:00:00 2020 GMT
* expire date: May 11 12:00:00 2022 GMT
* subjectAltName: host "atom.io" matched cert's "atom.io"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA
* SSL certificate verify ok.
> POST /api/packages HTTP/1.1
> Host: atom.io
> User-Agent: curl/7.54.0
> Accept: */*
> Content-Type: application/json
> Authorization: XXXXXXXXXXXXXXXXXXXXX
> Content-Length: 63
>
* upload completely sent off: 63 out of 63 bytes
< HTTP/1.1 500 Internal Server Error
< Server: Cowboy
< Connection: close
< Date: Fri, 11 Sep 2020 19:00:03 GMT
< Status: 500 Internal Server Error
< Referrer-Policy: strict-origin-when-cross-origin
< Strict-Transport-Security: max-age=631139040
< X-Frame-Options: DENY
< Content-Security-Policy: default-src 'self'; font-src https://github-atom-io-herokuapp-com.freetls.fastly.net https://github-atom-io-herokuapp-com.global.ssl.fastly.net; frame-src 'self' https://www.youtube.com; img-src https: 'self' https://github-atom-io-herokuapp-com.freetls.fastly.net data:; media-src 'self'; object-src 'self' https://github-atom-io-herokuapp-com.freetls.fastly.net; script-src 'self' 'unsafe-inline' https://ssl.google-analytics.com https://www.google-analytics.com https://platform.twitter.com https://github-atom-io-herokuapp-com.freetls.fastly.net; style-src 'self' 'unsafe-inline' https://github-atom-io-herokuapp-com.freetls.fastly.net;
992b2266cb666e215459138124b5bb1098fb3ecd
< X-Xss-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Content-Type: application/json; charset=utf-8
< Cache-Control: no-cache
< X-Request-Id: 0fc5d851-c075-414f-8268-993798bd0c9f
< X-Runtime: 0.137091
< X-Rack-Cache: invalidate, pass
< Vary: Accept-Encoding, Origin
< Via: 1.1 vegur
<
* TLSv1.2 (IN), TLS alert, Client hello (1):
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
{"message":"Application error"}
This is an over two year old issue. What's odd is that this is not a consistent failure. I've published a few new packages (all with SSH repo URLs) and pushed a lot of updates without any problems. Furthermore this is clearly not a local issue but seems to lie on the package database server side.