Yarn: Adding package 3d-view fails with status code 404.

Created on 11 Feb 2020  路  20Comments  路  Source: yarnpkg/yarn

Bug description


Adding package 3d-view fails with status code 404.

Command

yarn add 3d-view

What is the current behavior?

Error: https://registry.yarnpkg.com/3d-view: Not found
      at Request.params.callback [as _callback] (C:\Program Files (x86)\Yarn\lib\cli.js:60182:18)
      at Request.self.callback (C:\Program Files (x86)\Yarn\lib\cli.js:120166:22)
      at Request.emit (events.js:210:5)
      at Request.<anonymous> (C:\Program Files (x86)\Yarn\lib\cli.js:121138:10)
      at Request.emit (events.js:210:5)
      at IncomingMessage.<anonymous> (C:\Program Files (x86)\Yarn\lib\cli.js:121060:12)
      at Object.onceWrapper (events.js:299:28)
      at IncomingMessage.emit (events.js:215:7)
      at endReadableNT (_stream_readable.js:1183:12)
      at processTicksAndRejections (internal/process/task_queues.js:80:21)

What is the expected behavior?

Package should found and download. It exists https://registry.npmjs.com/3d-view/-/3d-view-2.0.0.tgz.

Steps to Reproduce

  1. Install yarn
  2. run yarn add 3d-view

Environment

  • Node Version: 12.13.0
  • Yarn v1 Version: 1.10.1
  • OS and version: Windows 10 Version 1903 (OS Build 18362.418)
picture NZepeda
👍11

Most helpful comment

As a workaround, you can try creating a .npmrc file at the root of impacted projects containing the following line:

registry=https://yarn.npmjs.org
picture dbjorge on 11 Feb 2020
👍12

All 20 comments

Appears to repro with any package whose name begins with a number. Repros for me with 7zip-bin, 3d-view, 9gscraper, 0http, using yarn v1.22.0.

Our CI builds suggest that it began happening about 2 hours ago

dbjorge picture dbjorge on 11 Feb 2020
👍4

Following up here from the electron-builder issue. Only occurring on packages starting with digits on Windows. Seems to be an NPM issue; doesn鈥檛 appear to be explicitly tied to Yarn.

pfgallagher picture pfgallagher on 11 Feb 2020

In my testing, it appears specific to the use of yarn with https://registry.yarnpkg.com. In particular, using yarn add 0http --registry https://yarn.npmjs.org succeeds where yarn add 0http --registry https://registry.yarnpkg.com, even though DNS is telling me the latter is a CNAME for the former like I'd expect:

Q:\repos\test | 147 | 14:15:54 02/11
> yarn add 0http --registry https://registry.yarnpkg.com
yarn add v1.22.0
warning package-lock.json found. Your project contains lock files generated by tools other than Yarn. It is advised not to mix package managers in order to avoid resolution inconsistencies caused by unsynchronized lock files. To clear this warning, remove package-lock.json.
[1/4] Resolving packages...
error An unexpected error occurred: "https://registry.yarnpkg.com/0http: Not found".
info If you think this is a bug, please open a bug report with the information provided in "Q:\\repos\\test\\yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/add for documentation about this command.
Exit code 1. Command took 1.040111 seconds.

Q:\repos\test | 148 | 14:16:12 02/11
> yarn add 0http --registry https://yarn.npmjs.org
yarn add v1.22.0
warning package-lock.json found. Your project contains lock files generated by tools other than Yarn. It is advised not to mix package managers in order to avoid resolution inconsistencies caused by unsynchronized lock files. To clear this warning, remove package-lock.json.
[1/4] Resolving packages...
[2/4] Fetching packages...
[3/4] Linking dependencies...
warning " > @semantic-release/[email protected]" has unmet peer dependency "semantic-release@>=16.0.0 <18.0.0".
[4/4] Building fresh packages...
success Saved 1 new dependency.
info Direct dependencies
鈹斺攢 [email protected]
info All dependencies
鈹斺攢 [email protected]
Done in 2.41s.

Q:\repos\test | 149 | 14:16:26 02/11
> npm install 0http
npm WARN [email protected] No description
npm WARN [email protected] No repository field.

+ [email protected]
removed 90 packages, updated 6 packages and audited 6 packages in 1.424s
found 0 vulnerabilities
dbjorge picture dbjorge on 11 Feb 2020

@pfgallagher

On macOS Catalina
npm install 7zip-bin succeeds
yarn add 7zip-bin fails

On Windows 10
npm install 7zip-bin succeeds
yarn add 7zip-bin fails

timfish picture timfish on 11 Feb 2020

@dbjorge Having the same problem with npm (i.e. the package manager), as well. Likely the registry itself.

npm i 7zip-bin is failing on windows here, but working on mac and centOS.

pfgallagher picture pfgallagher on 11 Feb 2020
👍1

Can confirm this occurs with a package I'm using called 3box. Also begins with a number.

adamsoffer picture adamsoffer on 11 Feb 2020

As a workaround, you can try creating a .npmrc file at the root of impacted projects containing the following line:

registry=https://yarn.npmjs.org
dbjorge picture dbjorge on 11 Feb 2020
👍12

Many thanks @dbjorge. That seems to work.

adamsoffer picture adamsoffer on 11 Feb 2020

As a workaround, you can try creating a .npmrc file at the root of impacted projects containing the following line:

registry=https://yarn.npmjs.org

That appears to work: interestingly https://registry.npmjs.com/7zip-bin and https://registry.yarnpkg.com/7zip-bin appear to be returning the same response.

pfgallagher picture pfgallagher on 11 Feb 2020
👍1

Playing around with Burp Suite, it appears that the https://registry.yarnpkg.com endpoint is 404ing on requests that use the HTTP header accept: application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*; yarn and npm both attempt to perform downloads using this accept header first, and it fails for both of them, but where yarn fails out immediately, npm retries the same request with accept: application/json, which succeeds.

dbjorge picture dbjorge on 12 Feb 2020

Since registry.yarnpkg.com is a CNAME for yarn.npmjs.org, it's not clear to me whether this is actually an issue for the yarn owners or NPM registry owners to take a look at; in case it's the latter, I've just sent the following support request to NPM's support form:

Hello!

As registry.yarnpkg.com is a CNAME pointing to yarn.npmjs.org, it isn't clear to me whether an issue with registry.yarnpkg.com is best reported to NPM support or the yarn folks, so I'm reporting it to both. Apologies if you aren't the correct owners!

It appears that there is a partial outage of https://registry.yarnpkg.com which is blocking yarn in its default configuration from fetching packages whose names start with numbers (see https://github.com/yarnpkg/yarn/issues/7902 for details). The issue is very specific: false 404 errors are emitted only when:

  • requesting from https://registry.yarnpkg.com/7zip-bin, but not https://yarn.npmjs.org/7zip-bin, even though the former is a CNAME pointing to the latter
  • requesting using an accept header that prioritizes application/vnd.npm.install-v1+json (not an application/json, /, or an empty accept header)
  • requesting a package whose name starts with a 0-9 digit

This is impacting multiple teams; if you are the right folks to take action, it would be much appreciated if you could share updates at https://github.com/yarnpkg/yarn/issues/7902 in addition to this support ticket.

Thanks!
-Dan

dbjorge picture dbjorge on 12 Feb 2020
👍8

Nice work tracking that down, Dan! Hopefully this will be resolved soon.

I think the NPM version we're using is a few versions out of date, which might explain why it's not working for us. (Perhaps the retry logic was added later).

pfgallagher picture pfgallagher on 12 Feb 2020

It looks like https://registry.npmjs.org/ has the same issue as https://registry.yarnpkg.com (works normally but fails with a digit-prefix package request with the specific accept header in question), so at this point I'm betting much more heavily on an NPM registry side issue than anything the yarn folks are responsible for.

dbjorge picture dbjorge on 12 Feb 2020

Response from npm:

thank you for reporting this, we've identified the issue and have rolled out a fix, though this might take a couple of hours to propagate across all our nodes and CDN layer.

medikoo picture medikoo on 12 Feb 2020
👍7

There is a similar issue but without package begining with a digit :/

https://github.com/facebook/create-react-app/issues/8465

abouquet picture abouquet on 12 Feb 2020

Same problem still happening 10 hours later.

jimthedev picture jimthedev on 12 Feb 2020
👍5

Hi all - I work at @npm and we're very sorry about the 404's you are experiencing.

We have identified the issue on our end and rolled out the fix. Unfortunately, its going take some time to propagate through all our nodes in our CDN layer.

You can follow along for progress via the incident on our status page

Also, you if you have other packages affected then please feel free to contact our support team directly.

nomadtechie picture nomadtechie on 12 Feb 2020
11

I am also seeing this issue. Tried all of the listed work around's but didn't have any luck...

dalenoe picture dalenoe on 12 Feb 2020

There is an ongoing npm issue related to 404s
https://status.npmjs.org/incidents/lvgmcrfvrvsh

rally25rs picture rally25rs on 12 Feb 2020

Marking this as closed since the problem has been acknowledged by npm and they have rolled out a fix on their end. As mentioned, it may take time to propagate through their servers. Keep an eye on https://status.npmjs.org for further info.

rally25rs picture rally25rs on 12 Feb 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

davidmaxwaterman picture davidmaxwaterman  路  3Comments
MunifTanjim picture MunifTanjim  路  3Comments
victornoel picture victornoel  路  3Comments
danez picture danez  路  3Comments
bouk picture bouk  路  3Comments