Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

audit: report any errors above 400 as potentially not supporting audit #128

Merged
merged 1 commit into from
Jan 9, 2019

Conversation

zkat
Copy link
Contributor

@zkat zkat commented Dec 19, 2018

@zkat zkat added the semver:patch semver patch level for changes label Dec 19, 2018
@zkat zkat requested a review from a team as a code owner December 19, 2018 17:34
@simonua
Copy link
Contributor

simonua commented Dec 19, 2018

This looks good to me. I think it closely gets us back to what we had before @iarna's change. Thanks, @zkat!

@@ -189,8 +189,8 @@ function auditCmd (args, cb) {
}).then((auditReport) => {
return audit.submitForFullReport(auditReport)
}).catch((err) => {
if (err.statusCode === 404 || err.statusCode >= 500) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

401 needs to not do this, as the main registry is (or is about to) start returning 401s when your auth data is bad, regardless of endpoint.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would suggest that at the very least, we catch 404, 401 and then all other errors separately and tune the error messages to align better, eg:

401 - "Either your login credentials are invalid or your registry does not support audit."
404 - "Your registry does not support audit."
all other - what you have now

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've changed this to follow your suggestion. You can re-review at your convenience.

Copy link
Contributor

@iarna iarna left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 🐑🚀💥

@simonua
Copy link
Contributor

simonua commented Jan 4, 2019

Thank you all very much! Looking forward to this in an upcoming release. Appreciate you, as always!

@aeschright aeschright merged commit f58b43e into release-next Jan 9, 2019
@aeschright aeschright deleted the zkat/better-audit-msg branch January 9, 2019 19:55
@fwilhe
Copy link

fwilhe commented Jan 10, 2019

Thanks for this PR, I think this is an improvement as the current error message is very misleading for server errors when you have not configured any other npm registry.

Would it make sense to maybe pass the actual http status code to the message, as this might be useful for investigating errors?

Also, when will this be included in an npm release?

@simonua
Copy link
Contributor

simonua commented Jan 11, 2019

I verified that the messaging in 6.6.0-next.1 successfully addresses this bug. Thank you, Kat, Rebecca, and Audrey!

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
semver:patch semver patch level for changes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants