yarn
yarn copied to clipboard
yarnpkg
An unexpected error occurred: "Commit hash required".
I've got a project, that has been running fine for months, where suddenly adding/installing eth-lightwallet fails during fetching packages with An unexpected error occurred: "Commit hash required".
Suddenly is defined as between March 21st, 9:51AM CET - March 22nd, 5:30PM CET with a commit that did not touch the package.json or lock files (just a css and html fix)
I've tried:
- changing node version 7.7.4 and 7.7.1 (on 7.7.1 it worked before without question)
- removing all caches, npm_modules, lockfiles
- it fails both on a linux (alpine and debian) ci docker image, and on OSX
- created a new project and added it. this worked, so it's my dependency set that breaks it
- it appears to be related to bignumber.js in the dependencies, so tried a lot of different formats in https://github.com/roderik/eth-lightwallet.git
- added
if (!commit) console.log(_this2)to my git-fetcher.js line 113 and installed usingyarn add https://github.com/roderik/eth-lightwallet.git --verbose --network-concurrency 1 --forceResult: https://gist.github.com/roderik/f5ff6abfcdcdb364f2a5327016317de0 and the error log, but this does not show a reason for the commit hash to be empty - it installs fine with npm, so it's my dependencies + yarn
I'm stumped and reverted to yarn install || npm i on my ci, but this is not really the way it's supposed to be.
try regenerating your yarn.lock file? the resolved link has been changed for external dependencies -
i had a dependency that looks like
"leaflet.markercluster": "Leaflet/Leaflet.markercluster#leaflet-0.7"
and it originally resolves to
resolved "https://codeload.github.com/Leaflet/Leaflet.markercluster/tar.gz/232e93ccbe5b70241913f47a4d1a8ceec8c88c30" which the git-fetcher fails to extra commit hash from
i changed the dependency to
"leaflet.markercluster": "git://github.com/Leaflet/Leaflet.markercluster#leaflet-0.7"
and it then resolves to
resolved "git://github.com/Leaflet/Leaflet.markercluster#232e93ccbe5b70241913f47a4d1a8ceec8c88c30"
this only fails for me when:
- there's linked dependency - project depends on A and B, and A depends on B, and
- using
yarn install --pure-lockfile(yarn installworks)
Seeing this error as well.
My yarn-error.log: https://gist.github.com/s3ththompson/39bf7d98faeef3811d8a5bc747427b74
Same here - I'm also seeing some duplicate entries from nested dependencies unless I use the git://github.com format.
I haven't tracked down an exact repro yet, but I was running into issues installing "inline-styles": "^1.0.0" (inline-styles) which in turn has a dependency on cheerio of the form git://github.com/cheeriojs/cheerio. I believe the cheerio dependency was what was breaking...
Same issue as well We are using "next" in pkg.json for "uport-connect" possibly the issue? yarn-error.txt
Found out this problem has to do with `git, especially when the dependency was resolving to a git url with out a commit hash as the version. It makes since as there is no way to lock down the version when you are just loading what ever is in master. Removing all git dependencies resolved this issue for me.
@smitt04 Glad you found a workaround. Not an option for us, unfortunately :(
@smitt04 @kaicataldo I don't follow that there is no way to lock down a version when you are loading from master... it seems as though the yarn.lock should track the commit hash that matches HEAD at the time the git dependency is installed.
Removing all git dependencies resolved this issue for me.
@smitt04 What exactly does this mean? As in stuff that doesn't exist on NPM? Some sort of git tooling?
@roderik, can you share a yarn.lock + package.json that reproduce the issue? The trick with git dependencies is that sometimes hash can be a commit hash and other times it can be a sha1 hash.
@jeffscottward what i meant was that any npm packages in my package.json file that referenced by a git url i switched to use the npm version and it fixed the issues i was having.
@bestander everything is in https://gist.github.com/roderik/f5ff6abfcdcdb364f2a5327016317de0
Seeing this as well even after a yarn cache clean and removal of the node_modules folder
I am having the issue too. Downgrading to an older version seems to solve it for me on Heroku. Maybe the following dependency in my package.json causes trouble: "autofill-event": "weyert/autofill-event",
I just started seeing this on Heroku today as well, with version 0.22.0 of yarn. Changing to version 0.23.2 fixed it.
Change the version on Heroku by adding to package.json:
{
"engines": {
"yarn": "0.23.2"
}
}
Yay! Thanks @levity! Adding
{
"engines": {
"yarn": "0.23.2"
}
}
to my package.json on BitBucket did the trick!
Actually, it's weird because my bitbucket docker container already has 0.23.2.
I thought 23.2 fixed this issue for a little while, but I ran into it again trying to remove a dependency from yarn.lock.
Also seeing an error when managing the eth-lightwallet dependency with Yarn. After installing the dependency, subsequent yarn commands (add, install) fail with this error:
An unexpected error occurred: "ENOENT: no such file or directory, open '/Users/luke/Library/Caches/Yarn/v1/npm-bignumber.js-2.0.7-c4840fe42268643818b2730ebedb0eec7271ee42/.yarn-metadata.json
Running yarn cache clean and removing node_modules and the yarn.lock file resolves the issue but re-running yarn install will cause the issue to resurface.
Looks like eth-lightwallet actually depends on a particular commit of a fork of bignumber.js - @bestander guess this could be the culprit?
Seems that if I install a new dependency, Yarn always tries to install bignumber.js again:
→ yarn add react-motion
yarn add v0.23.2
[1/4] 🔍 Resolving packages...
[2/4] 🚚 Fetching packages...
[3/4] 🔗 Linking dependencies...
[4/4] 📃 Building fresh packages...
success Saved lockfile.
success Saved 5 new dependencies.
├─ [email protected]
├─ [email protected]
├─ [email protected]
├─ [email protected]
└─ [email protected]
✨ Done in 10.62s.
Thanks for more data. We are tracking a set of issues related to git hosted dependencies, apparently there are many edge cases to consider. We'll sort it out soon.
@BYK I'm still seeing this issue :/
edit: I'm not seeing this issue -- I had a bad https setup (invalid token), but the error message shows "Commit Hash Required"
I was having the same issue, what solved for me was change the import on package.json
from: "react-common": "git+https://github.com/vizinhanca/react-common.git#master" to: "react-common": "git+ssh://[email protected]/vizinhanca/react-common.git#master",
Try deleting the yarn.lock file and then git stash or commit existing changes.
"Try deleting the yarn.lock file and then commit existing changes". that worked for me!
@pbirbarah , worked for me too. in my case, i received an app that was created on mac and i am on windows, yarn.lock should never be committed in a repo I think.
@pbirbarah , worked for me too. in my case, i received an app that was created on mac and i am on windows, yarn.lock should never be committed in a repo I think.
yarn.lock should be committed.
Try deleting the yarn.lock file and then
git stashor commit existing changes.
No dice for me.
[2/4] 🚚 Fetching packages...
error An unexpected error occurred: "Commit hash required".
info If you think this is a bug, please open a bug report with the information provided in "~/.Trash/project/yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.
Why does it put the error log in the trash? lol...
