cdk-cli: cannot deploy due to colors dependency #18322
Comments
campionfellin
added
bug
|
Just pin the dep to 1.4.0 |
Taking a look at why it's here, there are several modules that directly or indirectly depend on it: I'm gonna open a pull request to fix it for packages within this repo, but there are a few packages not in this repo that would still need it fixed to guarantee that the problem is fixed.
|
eladb
changed the title
|
A note on this. If you are installing the CLI with If you are installing with |
|
What about |
|
@nkoudelia I'm not sure there is. The best way to workaround this issue (and future similar ones) is to install with NPM and take advantage of the shrinkwrap file. Is there a specific reason you need to use |
No specific reason for |
Fixes #18322 and #18323 Clarifying question: I'm not sure if the `yarn.lock` file should have automatically updated itself to only refer to `[email protected]` when I set the dependency within the workspace _and_ added the resolution for child dependencies. If it's expected behavior for it _not_ to update the `yarn.lock` file after adding `resolutions`, great! If I need to do something else for that to happen, let me know! ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
Fixes #18322 and #18323 Clarifying question: I'm not sure if the `yarn.lock` file should have automatically updated itself to only refer to `[email protected]` when I set the dependency within the workspace _and_ added the resolution for child dependencies. If it's expected behavior for it _not_ to update the `yarn.lock` file after adding `resolutions`, great! If I need to do something else for that to happen, let me know! ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixes #18322 and #18323 Clarifying question: I'm not sure if the `yarn.lock` file should have automatically updated itself to only refer to `[email protected]` when I set the dependency within the workspace _and_ added the resolution for child dependencies. If it's expected behavior for it _not_ to update the `yarn.lock` file after adding `resolutions`, great! If I need to do something else for that to happen, let me know! ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
Hi, I saw this issue pop up on my Google feed. Some open source dev pushed a commit to color.js that made it like this. I think hotfixes are given and a new version might be out soon. Is this repo famous on GitHub? |
|
This is not a joke. |
|
Oh... It seemed like a joke. I mean, millions of packages depend on this and that fellow who committed that change just destroyed this. I hope everything goes out fine here! |
|
Why you didn't fund marak? |
because he does it for free |
|
That's savage. Anyway, it's solved, someone create a backup of colors.js if
Marak decides to delete it.
|
Fixes aws#18322 and aws#18323 Clarifying question: I'm not sure if the `yarn.lock` file should have automatically updated itself to only refer to `[email protected]` when I set the dependency within the workspace _and_ added the resolution for child dependencies. If it's expected behavior for it _not_ to update the `yarn.lock` file after adding `resolutions`, great! If I need to do something else for that to happen, let me know! ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
What is the problem?
Getting this in our automation suites -
Seems to be related to a certain release of the
colorslibrary - Marak/colors.js#285Could you please fork a lower version, or otherwise remove the dependency?
Reproduction Steps
What did you expect to happen?
I expected to be able to deploy my package 😢
What actually happened?
Stack overflow due to the dependency on
colorsjsCDK CLI Version
latest
Framework Version
No response
Node.js Version
14.x
OS
ubuntu
Language
Typescript
Language Version
No response
Other information
🙏
The text was updated successfully, but these errors were encountered: