yarn
yarn copied to clipboard
yarnpkg
`yarn policies set-version` crashes with "request.filter is not a function"
Bug description
Using Yarn 1.21.1, running yarn policies set-version with ^1.21.1 or 1.21.1 crashes with: request.filter is not a function. Passing berry works.
This happens even in a new directory with package.json containing just {}.
yarn-error.log contents:
Arguments:
/Users/me/.nvm/versions/node/v12.14.1/bin/node /usr/local/Cellar/yarn/1.21.1/libexec/bin/yarn.js policies set-version ^1.21.1
PATH:
/Users/me/.nvm/versions/node/v12.14.1/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/yarn/bin
Yarn version:
1.21.1
Node version:
12.14.1
Platform:
darwin x64
Trace:
TypeError: request.filter is not a function
at /usr/local/Cellar/yarn/1.21.1/libexec/lib/cli.js:90113:28
at Generator.next (<anonymous>)
at step (/usr/local/Cellar/yarn/1.21.1/libexec/lib/cli.js:310:30)
at /usr/local/Cellar/yarn/1.21.1/libexec/lib/cli.js:321:13
at processTicksAndRejections (internal/process/task_queues.js:94:5)
npm manifest:
{}
yarn manifest:
No manifest
Lockfile:
No lockfile
Command
yarn policies set-version '^1.21.1'
What is the current behavior?
warning package.json: No license field
Resolving ^1.21.1 to a url...
error An unexpected error occurred: "request.filter is not a function".
info If you think this is a bug, please open a bug report with the information provided in "/Users/me/projects/yarn1-test/yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/policies for documentation about this command.
What is the expected behavior?
It should set the policy. If there's anything wrong with my environment, it should say that explicitly instead of crashing in a random place.
Steps to Reproduce
- Create an new directory with
package.jsonconsisting of just{}. - Run
yarn policies set-version '^1.21.1'
Environment
- Node Version:
12.14.1 - Yarn v1 Version:
1.21.1 - OS and version: macOS 10.15.2 (19C57)
You probably have an expired or invalidated Github access token set (see #7846 for setting it up), but this indeed should be handled correctly.
I've opened something up that should solve this #7848
@olingern adding github token does not seem to help:
> yarn policies set-version 1.22.5 --verbose
...
Resolving 1.22.5 to a url...
verbose 0.272414524 Performing "GET" request to "https://api.github.com/repos/yarnpkg/yarn/releases?access_token=ghp_way****6Xj".
verbose 0.534788913 Request "https://api.github.com/repos/yarnpkg/yarn/releases?access_token=ghp_way****6Xj" finished with status code 400.
error request.filter is not a function
If I try curl that the reason is clear:
> curl https://api.github.com/repos/yarnpkg/yarn/releases\?access_token\=ghp_way***6Xj
{
"message": "Must specify access token via Authorization header. https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param",
"documentation_url": "https://docs.github.com/v3/#oauth2-token-sent-in-a-header"
}
All authentication using query parameters will return a status code of 401 like all other auth failures starting on: September 8 2021 at 14:00 UTC
@sleshchenko I would make sure you're on the latest version, 1.22.11 and retry. As noted above, https://github.com/yarnpkg/yarn/pull/7848 should have fixed this.
@sleshchenko I would make sure you're on the latest version,
1.22.11and retry. As noted above, #7848 should have fixed this.
I am still getting the same issue, FYI.
% yarn --version
1.22.11
% yarn policies set-version v1.18
Resolving v1.18 to a url...
error request.filter is not a function
@olingern Hello, my issue not really that not clear error is reported but that yarn uses token as query param which is not allowed anymore, header is expected. See https://github.com/yarnpkg/yarn/issues/7847#issuecomment-923770014
I managed to work around this by first installing yarn 1.13.0, which appears to call https://api.github.com/repos/yarnpkg/yarn/releases without appending the github token to the end. Then I could use yarn policies set-version to download the latest 1.x version.
- I created a brand new token as outlined here.
-
printenv GITHUB_TOKENreveals that token, so it's exported in my profile. - I'm using [email protected]
yet...
Adding more to this, you can see that the request hits a 400 error:
Example request: https://api.github.com/repos/yarnpkg/yarn/releases?access_token=1
Response:
{
"message": "Must specify access token via Authorization header. https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param",
"documentation_url": "https://docs.github.com/v3/#oauth2-token-sent-in-a-header"
}
This is an issue with Yarn passing the access token by URL instead of by header.
Was able to work around this by blanking out the GITHUB_TOKEN...
GITHUB_TOKEN="" yarn set version 1.22.19
Still facing this when
GITHUB_TOKENis populated.
@sepehr What version of yarn are you using?
See the comment above in https://github.com/yarnpkg/yarn/issues/7847#issuecomment-1058440840
This is an issue with Yarn passing the access token by URL instead of by header.
If you run yarn policies set-version 1.22.5 --verbose then you will likely see that it is trying to add the GitHub token to the URL it's requesting via a URL param, not a header; as described in https://github.com/yarnpkg/yarn/issues/7847#issuecomment-923770014
For others running into this, for me it worked to set the GITHUB_TOKEN, and using yarn 1.13 to set the policy, like
GITHUB_TOKEN=… npx [email protected] policies set-version 1.18.0
