[Pkg-javascript-devel] Bug#1012021: Bug#1012021: unreproducible here

Pirate Praveen praveen at onenetbeyond.org
Sun May 29 20:34:34 BST 2022 


On തി, മേയ് 30 2022 at 12:56:53 രാവിലെ 
+05:30:00 +05:30:00, Pirate Praveen <praveen at onenetbeyond.org> wrote:
> 
> 
> On ഞാ, മേയ് 29 2022 at 09:34:45 രാവിലെ 
> +02:00:00 +02:00:00, Paolo Greppi <paolo.greppi at libpf.com> wrote:
>> Hi Andreas! thanks for your report. To try to reproduce it, I set up 
>> multiarch for docker 
>> (https://github.com/multiarch/qemu-user-static) then:
>> 
>>     docker run --rm -it arm64v8/debian:unstable bash
>>     apt update
>>     apt upgrade
>>     apt install curl yarnpkg
>>     curl -o package.json 
>> https://salsa.debian.org/pkg-security-team/greenbone-security-assistant/-/raw/debian/master/package.json?inline=false
>>     curl -o yarn.lock 
>> https://salsa.debian.org/pkg-security-team/greenbone-security-assistant/-/raw/debian/master/yarn.lock?inline=false
>>     yarnpkg
>> 
>> (this command reads the list of dependencies from package.json + the 
>> exact versions from yarn.lock and downloads them all in 
>> node_modules/ dir).
>> 
>> While the command runs, top reports that the node process is using 
>> quite some memory:
>> 
>>        PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM 
>> TIME+ COMMAND
>>     595069 root      20   0 2202764 688100  44356 R 128,2   2,9 
>> 9:06.30 node
>> 
>> but ultimately it succeeds:
>> 
>>     root at f679258d6a63:/# yarnpkg
>>     yarn install v1.22.19
>>     [1/5] Validating package.json...
>>     [2/5] Resolving packages...
>>     [3/5] Fetching packages...
>>     [4/5] Linking dependencies...
>>     warning "@greenbone/ui-components > bootstrap at 4.6.0" has unmet 
>> peer dependency "jquery at 1.9.1 - 3".
>>     warning "@greenbone/ui-components > bootstrap at 4.6.0" has unmet 
>> peer dependency "popper.js@^1.16.1".
>>     warning "@greenbone/ui-components > styled-components at 5.2.1" has 
>> unmet peer dependency "react-is@>= 16.8.0".
>>     warning " > babel-loader at 8.1.0" has unmet peer dependency 
>> "webpack@>=2".
>>     warning "react-scripts > @typescript-eslint/eslint-plugin > 
>> tsutils at 3.17.1" has unmet peer dependency "typescript@>=2.8.0 || >= 
>> 3.2.0-dev || >= 3.3.0-dev || >= 3.4.0-dev || >= 3.5.0-dev || >= 
>> 3.6.0-dev || >= 3.6.0-beta || >= 3.7.0-dev || >= 3.7.0-beta".
>>     warning "@storybook/react > 
>> react-docgen-typescript-plugin at 0.6.2" has unmet peer dependency 
>> "typescript@>= 3.x".
>>     warning "@storybook/react > react-docgen-typescript-plugin > 
>> react-docgen-typescript at 1.20.5" has unmet peer dependency 
>> "typescript@>= 3.x".
>>     warning "@storybook/react > react-docgen-typescript-plugin > 
>> react-docgen-typescript-loader at 3.7.2" has unmet peer dependency 
>> "typescript@*".
>>     warning " > @testing-library/user-event at 13.1.9" has unmet peer 
>> dependency "@testing-library/dom@>=7.21.4".
>>     warning " > eslint-config-prettier at 8.3.0" has unmet peer 
>> dependency "eslint@>=7.0.0".
>>     [5/5] Building fresh packages...
>>     Done in 448.36s.
>>     root at f679258d6a63:/# uname -a
>>     Linux f679258d6a63 5.10.0-14-amd64 #1 SMP Debian 5.10.113-1 
>> (2022-04-29) aarch64 GNU/Linux
>> 
>> Could it be an issue of low-memory on the !amd64 builder machines ?
>> 
>> Also I was looking for logs here but no luck:
>> https://buildd.debian.org/status/package.php?p=greenbone-security-assistant
>> 
>> Finally there is more trouble ahead when building this package, 
>> because I also tried:
>> 
>>     apt install git
>>     git clone 
>> https://salsa.debian.org/pkg-security-team/greenbone-security-assistant
>>     cd greenbone-security-assistant
>>     yarnpkg
>>     yarnpkg build
>> 
>> and the last command failed with:
>> 
>>     ...
>>     Error: error:0308010C:digital envelope routines::unsupported
>>         at new Hash (node:internal/crypto/hash:67:19)
>>         at Object.createHash (node:crypto:130:10)
>>         at module.exports 
>> (/greenbone-security-assistant/node_modules/webpack/lib/util/createHash.js:135:53)
>>         at NormalModule._initBuildHash 
>> (/greenbone-security-assistant/node_modules/webpack/lib/NormalModule.js:417:16)
>>         at 
>> /greenbone-security-assistant/node_modules/webpack/lib/NormalModule.js:452:10
>>         at 
>> /greenbone-security-assistant/node_modules/webpack/lib/NormalModule.js:323:13
>>         at 
>> /greenbone-security-assistant/node_modules/loader-runner/lib/LoaderRunner.js:367:11
>>         at 
>> /greenbone-security-assistant/node_modules/loader-runner/lib/LoaderRunner.js:233:18
>>         at context.callback 
>> (/greenbone-security-assistant/node_modules/loader-runner/lib/LoaderRunner.js:111:13)
>>         at 
>> /greenbone-security-assistant/node_modules/babel-loader/lib/index.js:59:103
>>         at processTicksAndRejections 
>> (node:internal/process/task_queues:96:5) {
>>       opensslErrorStack: [ 'error:03000086:digital envelope 
>> routines::initialization error' ],
>>       library: 'digital envelope routines',
>>       reason: 'unsupported',
>>       code: 'ERR_OSSL_EVP_UNSUPPORTED'
>>     }
>>     error Command failed with exit code 1.
>> 
>> (this also happens on amd64 BTW).
>> 
>> According to the interwebs this should only occur with node v17 
>> (whereas in unstable we have v16.15.0) and indeed the commonly 
>> proposed workaround fails:
>> 
>>     NODE_OPTIONS=--openssl-legacy-provider yarnpkg build
>>     /usr/bin/node: --openssl-legacy-provider is not allowed in 
>> NODE_OPTIONS
>> 
> I was also seeing this error while looking at node-babel-loader
> 
> We might need to fix node-babel-loader
> 
> https://github.com/babel/babel-loader/issues/923

> 
Even though the pull request is merged 
https://github.com/babel/babel-loader/pull/924 I get same error on 
master branch of upstream babel-loader repo with yarnpkg test.

More information about the Pkg-javascript-devel mailing list