Do you want to request a feature or report a bug?
Bug
What is the current behavior?
Upon trying to update my current version of yarn (0.18.1) to the latest available update, I get this error
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 6746 0 6746 0 0 507 0 --:--:-- 0:00:13 --:--:-- 1640
Installing Yarn!
/home/proxima/.yarn/bin/yarn
> Downloading tarball...
[1/2]: https://yarnpkg.com/latest.tar.gz --> /tmp/proxima/yarn.tar.gz.lDQSH2eOFn
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 92 100 92 0 0 10 0 0:00:09 0:00:08 0:00:01 24
100 595 0 595 0 0 38 0 --:--:-- 0:00:15 --:--:-- 143
1 3844k 1 69194 0 0 108 0 10:07:27 0:10:35 9:56:52 0
curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 110
[2/2]: https://yarnpkg.com/latest.tar.gz.asc --> /tmp/proxima/yarn.tar.gz.lDQSH2eOFn.asc
100 96 100 96 0 0 11 0 0:00:08 0:00:08 --:--:-- 25
100 600 0 600 0 0 33 0 --:--:-- 0:00:17 --:--:-- 138
100 900 100 900 0 0 32 0 0:00:28 0:00:27 0:00:01 228
> Verifying integrity...
gpg: Signature made Mon 06 Mar 2017 12:16:15 PM EST
gpg: using RSA key 6A010C5166006599AA17F08146C2130DFD2497F5
gpg: BAD signature from "Yarn Packaging <[email protected]>" [unknown]
> GPG signature for this Yarn release is invalid! This is BAD and may mean the release has been tampered with. It is strongly recommended that you report this to the Yarn developers.
If the current behavior is a bug, please provide the steps to reproduce.
Run curl -o- -L https://yarnpkg.com/install.sh | bash
What is the expected behavior?
Should install with no errors
Please mention your node.js, yarn and operating system version.
Node.js v7.6.0
Yarn 0.18.1
Arch Linux 4.4.5
heyjordn
All 4 comments
Your cURL request seems to have cut out part way through the file:
curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 110
This would result in a corrupted .tar.gz file, so the signature would not match.
Could you please try again and see whether it works?
Daniel15
on 13 Apr 2017
👍3
$ curl -o- -L https://yarnpkg.com/install.sh | bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 6746 0 6746 0 0 15945 0 --:--:-- --:--:-- --:--:-- 15985
Installing Yarn!
> Downloading tarball...
[1/2]: https://yarnpkg.com/latest.tar.gz --> /tmp/yarn.tar.gz.zp0510TfuV
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 92 100 92 0 0 177 0 --:--:-- --:--:-- --:--:-- 177
100 595 0 595 0 0 547 0 --:--:-- 0:00:01 --:--:-- 547
100 3861k 100 3861k 0 0 343k 0 0:00:11 0:00:11 --:--:-- 436k
[2/2]: https://yarnpkg.com/latest.tar.gz.asc --> /tmp/yarn.tar.gz.zp0510TfuV.asc
100 96 100 96 0 0 545 0 --:--:-- --:--:-- --:--:-- 545
100 600 0 600 0 0 1009 0 --:--:-- --:--:-- --:--:-- 1009
100 900 100 900 0 0 1247 0 --:--:-- --:--:-- --:--:-- 1247
> Verifying integrity...
gpg: Signature made Wed 12 Apr 2017 07:57:54 PM EEST using RSA key ID FD2497F5
gpg: lookup_hashtable failed: eof
gpg: Good signature from "Yarn Packaging <[email protected]>"
gpg: lookup_hashtable failed: eof
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 72EC F46A 56B4 AD39 C907 BBB7 1646 B01B 86E5 0310
Subkey fingerprint: 6A01 0C51 6600 6599 AA17 F081 46C2 130D FD24 97F5
> GPG signature for this Yarn release is invalid! This is BAD and may mean the release has been tampered with. It is strongly recommended that you report this to the Yarn developers.
FDiskas
on 14 Apr 2017
Works fine now, not sure what happened. Thanks lol
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 6746 0 6746 0 0 11377 0 --:--:-- --:--:-- --:--:-- 11376
Installing Yarn!
/home/proxima/.yarn/bin/yarn
> Downloading tarball...
[1/2]: https://yarnpkg.com/latest.tar.gz --> /tmp/proxima/yarn.tar.gz.z558ddGsu7
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 92 100 92 0 0 144 0 --:--:-- --:--:-- --:--:-- 144
100 595 0 595 0 0 516 0 --:--:-- 0:00:01 --:--:-- 581k
100 3861k 100 3861k 0 0 82116 0 0:00:48 0:00:48 --:--:-- 78515
[2/2]: https://yarnpkg.com/latest.tar.gz.asc --> /tmp/proxima/yarn.tar.gz.z558ddGsu7.asc
100 96 100 96 0 0 705 0 --:--:-- --:--:-- --:--:-- 705
100 600 0 600 0 0 656 0 --:--:-- --:--:-- --:--:-- 656
100 900 100 900 0 0 889 0 0:00:01 0:00:01 --:--:-- 175k
> Verifying integrity...
gpg: Signature made Wed 12 Apr 2017 11:57:54 AM EST
gpg: using RSA key 6A010C5166006599AA17F08146C2130DFD2497F5
gpg: Good signature from "Yarn Packaging <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 72EC F46A 56B4 AD39 C907 BBB7 1646 B01B 86E5 0310
Subkey fingerprint: 6A01 0C51 6600 6599 AA17 F081 46C2 130D FD24 97F5
> GPG signature looks good
> Extracting to ~/.yarn...
> Adding to $PATH...
> We've added the following to your /home/proxima/.zshrc
> If this isn't the profile of your current shell then please add the following to your correct profile:
export PATH="$HOME/.yarn/bin:$PATH"
> Successfully installed Yarn 0.23.2! Please open another terminal where the `yarn` command will now be available.
Thanks for the update :)
Daniel15
on 15 Apr 2017
Was this page helpful?
0 / 5 - 0 ratings
Related issues
torifat
路
3Comments
danez
路
3Comments
FLGMwt
路
3Comments
ocolot
路
3Comments
mnpenner
路
3Comments
Most helpful comment
Your cURL request seems to have cut out part way through the file:
This would result in a corrupted .tar.gz file, so the signature would not match.
Could you please try again and see whether it works?