yarn icon indicating copy to clipboard operation
yarn copied to clipboard

Published 20 hours ago verified publisher icon yarnpkg

yarn audit fails: Unexpected audit response (Missing Metadata): false

Open elonmallin opened this issue 1 year ago • 3 comments

yarn audit fails with error Error: Unexpected audit response (Missing Metadata): false when some combination of dependencies exist.

Repro

  1. Create a package.json
{
    "name": "yarn-audit-bug",
    "dependencies": {
        "@cypress/webpack-dev-server": "^3.7.1",
        "html-webpack-plugin": "^5.5.3",
        "webpack": "^5.89.0"
    }
}
  1. Run yarn install && yarn audit

Outcome

error Error: Unexpected audit response (Missing Metadata): false
    at Audit.<anonymous> (C:\Users\malliel\AppData\Local\node\corepack\yarn\1.22.21\lib\cli.js:59326:15)
    at Generator.next (<anonymous>)
    at step (C:\Users\malliel\AppData\Local\node\corepack\yarn\1.22.21\lib\cli.js:310:30)
    at C:\Users\malliel\AppData\Local\node\corepack\yarn\1.22.21\lib\cli.js:321:13
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

Expected outcome

Should report on vulns and not fail.

Additional info

yarn audit works if you instead do npm install first. npm audit works as well.

Environment

Yarn: 1.22.21 OS: Windows

elonmallin avatar Dec 04 '23 16:12 elonmallin

@elonmallin I CAN WORK ON THIS PLEASE ASSIGN ME THIS TASK

Debshibraj123 avatar Dec 11 '23 14:12 Debshibraj123

@Debshibraj123 I'm not a maintainer of this repo so can't assign tasks, I just created the issue

elonmallin avatar Dec 11 '23 15:12 elonmallin

I ran into this same issue on an existing project that I was updating a few dependencies for. Deleting node_modules and the yarn.lock file and running yarn install to rebuild the lock file resolved the issue for me.

Zachatoo avatar Mar 06 '24 18:03 Zachatoo