Node-sass: Is there a way to install node-sass without download the binding.node file from GitHub?
I would like to install this module, but it fails due to the corporate environment that I have to use :-/
The problem is that I can either be in the public web, or in the internal corporate network with access to an internal npm proxy.
I need to use the internal network, because otherwise I can't install a bunch of non-public dependencies. This, unfortunately, leads npm install to show the following error:
Downloading binary from https://github.com/sass/node-sass/releases/download/v4.5.3/linux-x64-57_binding.node
Cannot download "https://github.com/sass/node-sass/releases/download/v4.5.3/linux-x64-57_binding.node":getaddrinfo ENOTFOUND github.com github.com:443
[…]
Also setting a proxy, as suggested, won't help, because I do not have internet access when I am in the internal network, and there is just no proxy. I know that this is scenario is super-bullshit, but I can't change it 😢
Is there a way to install this module, without the need for this download?
I alread tried
$ npm install --build-from-source
but this didn't change anything. Any hints or ideas?
Alternatively, is there a way to download this file in advance, put it somewhere, and then have npm install use the local file instead of the remote one?
goloroden
All 16 comments
After the download fails the install will automatically fall back to a local node-gyp build. build-from-source is a node-pre-gyp command, and we don't currently use that library.
nschonni
on 2 Nov 2017
The alternate binary download pararmeters are also covered in the README https://github.com/sass/node-sass#binary-configuration-parameters
nschonni
on 2 Nov 2017
After the download fails the install will automatically fall back to a local node-gyp build.
No, it doesn't. All I get is the message that github.com could not be resolved and that's it. It then exits with an error.
goloroden
on 2 Nov 2017
export SASS_BINARY_PATH should resolve this issue.
You can download XXX_binding.node and export to SASS_BINARY_PATH.
export SASS_BINARY_PATH=~/somepath/linux-x64-11_binding.node
ausaif
on 8 Aug 2018
Is there a official alternative way in progress develping?
thelimarenan
on 10 Aug 2018
i have same problem please suggest
rabi-999
on 4 Oct 2018
@rabi-999 We also facing same issue downloading binary fails.
Struggling with 'node-sass' installation issue, due to high security restrictions & organisational policies in our company, since we are working in finance domain.
I managed to work with node-sass by getting 'binding.node' externally and continued the styling app locally.
But when we are hosting the app on Azure cloud, the build errors due to binding.node downloading fails.
If no fixes found then I need to use CSS instead SCSS.
srikant
on 5 Oct 2018
Same issue. What a pain in the ass. Here's what we're trying:
1) Set up an internal webserver
2) Download all files for 'latest release' (bash script using jq json processor):
for URL in $(curl -s https://api.github.com/repos/sass/node-sass/releases/latest | jq -r '.assets[].browser_download_url')
do
wget $URL
done
3) Set the SASS_BINARY_SITE environment variable to point to the internal webserver
gdubya
on 10 Oct 2018
Arguably a superior solution would be to use a dependent package (called like node-sass-binary-win32, node-sass-binary-osx... respectively) to deliver those binaries — instead of relying on GitHub and custom scripts to download.
That way it would be absolutely transparent and smooth, no reliance on external websites, security holes and outages. Also quite solid for CI and disconnected container/offline story.
By making node-sass optionally depend on all node-sass-binary-win32/osx/linux/... packages, at install time NPM will pick the architecture that fits, and download everything in one step, no post-installs.
mihailik
on 6 Nov 2018
The most effective and simplest solution for me: download this ${your_platform_vers}_binding.node manually (on other machine, can be downloaded from here) and put it to npm cache C:\Users\${user}\AppData\Roaming\npm-cachenode-sass\${node-sass version}.
npm istall now working! :smiley:
r-n-aliev
on 19 Nov 2018
This is a viable workaround for a limited subset of environments.
Does node-sass have to download binary file from an external URL as part of the installation? It is a security concern, that's why corporate environments block it.
It's also a maintenance concern, as CI servers that run in secure disconnected environment wouldn't be able to use node-sass either. It would take a manual interaction such as @r-n-aliev to 'prime' the environment for every time node-sass is upgraded or downgradedm and every CI server too.
What would it take to solve the underlying issue rather than expect workarounds?
mihailik
on 19 Nov 2018
Would it be possible to make this another node package? Replacing the download with a 'npm install platform-spec-sass-binary'?
davidroberts63
on 11 Jan 2019
What solved the problem for us is this
- Create a local file repo - let's say
nodejsin Nexus / Artifactory (ideally would be a proxy repo to the gitbub releases, but did not yet get it working) - ensure the required binary is available in your Artifact repo according to this structure: https://nexus.intra/repository/nodejs/vx.x.x/
ensure that
sass-binary-site=https://nexus.intra/repository/nodejs/is configured. you can do this withnpm config set sass-binary-site=https://nexus.intra/repository/nodejs/ --global
papanito
on 29 Mar 2019
I'd like to raise the same concern. I've disabled all NPM runtime scripts and explicitly run npm rebuild with --build-from-source. It used to force Sass to rebuild and _not_ use an untrusted binary off of GitHub. Now when I give it a go with the latest version, it seems to insist on downloading an executable. That's just awful. We've been warning devs for ages to vet code before they run it — which is not easy, but at least doable — and now we're just grabbing binaries with no confirmation and running them. Mark my words, eventually someone will target those binaries, either legally (looking at you, Australia, where @xzyfer is from ^_^) or illegally.
So, couldn't we have Sass respect the de facto --build-from-source?
Here's the current rebuild command for other privacy and security aware people:
npm --ignore-scripts false rebuild --build-from-source node-sass --sass-binary-site=http://localhost:0
moll
on 10 Apr 2019
I wouldn't trust external sources any more than external binaries.
But if binaries are distributed via NPM by the same authors, that's a different point.
mihailik
on 11 Apr 2019
The most effective and simplest solution for me: download this
${your_platform_vers}_binding.nodemanually (on other machine, can be downloaded from here) and put it to npm cache C:\Users${user}\AppData\Roaming\npm-cachenode-sass${node-sass version}.
npm istall now working! 😃
That's right, in my environment, I moved the download win32-x64-67_binding.node to C:\Users\Liu.D.H\AppData\Roaming\npm-cache\node-sass\4.11.0, then I run npm rebuild node-sass
D:\code\java\jeecg-boot\ant-design-jeecg-vue>npm rebuild node-sass
> [email protected] install D:\code\java\jeecg-boot\ant-design-jeecg-vue\node_modules\node-sass
> node scripts/install.js
Cached binary found at C:\Users\Liu.D.H\AppData\Roaming\npm-cache\node-sass\4.11.0\win32-x64-67_binding.node
> [email protected] postinstall D:\code\java\jeecg-boot\ant-design-jeecg-vue\node_modules\node-sass
> node scripts/build.js
Binary found at D:\code\java\jeecg-boot\ant-design-jeecg-vue\node_modules\node-sass\vendor\win32-x64-67\binding.nodeTesting binary
Binary is fine
[email protected] D:\code\java\jeecg-boot\ant-design-jeecg-vue\node_modules\node-sass
D:\code\java\jeecg-boot\ant-design-jeecg-vue>
liudonghua123
on 27 Apr 2019
Related issues
pulkitnandan
·
4Comments
harukaeru
·
3Comments
mkbctrl
·
4Comments
WebTerminator
·
3Comments
samayo
·
3Comments
Most helpful comment
export SASS_BINARY_PATH should resolve this issue.
You can download XXX_binding.node and export to SASS_BINARY_PATH.
export SASS_BINARY_PATH=~/somepath/linux-x64-11_binding.node