Re: [Release-job-failures] Release of openstack/karma-subunit-reporter failed
zuul@openstack.org wrote:
- release-openstack-javascript http://logs.openstack.org/64/647112461fdc90aa3e468f0d5f846e16b032c87d/releas... : POST_FAILURE in 5m 07s - announce-release announce-release : SKIPPED
Error is npm ERR! You cannot publish over the previously published versions: 0.0.4. : karma-subunit-reporter History here is that the tag in the git repo was incorrectly named (v0.0.4) last time the release was manually uploaded to npm (as 0.0.4). Since this is a re-release of the tag with correct name (0.0.4), the fact that the publication is failing (and announcement is skipped) is probably a good thing. -- Thierry Carrez (ttx)
Hey, Yeah this error seems to be normal since the version 0.0.4 already exist on the repository. - https://www.npmjs.com/package/karma-subunit-reporter An another question is 2 lines below the npm error : + npm@4.6.12018-12-19 10:15:02.372290 <http://logs.openstack.org/64/647112461fdc90aa3e468f0d5f846e16b032c87d/release/release-openstack-javascript/d6af9b6/job-output.txt.gz#_2018-12-19_10_15_02_372290> | localhost | added 299 packages from 591 contributors and audited 1181 packages in 9.459s2018-12-19 10:15:02.372387 <http://logs.openstack.org/64/647112461fdc90aa3e468f0d5f846e16b032c87d/release/release-openstack-javascript/d6af9b6/job-output.txt.gz#_2018-12-19_10_15_02_372387> | localhost | found 42 vulnerabilities (2 low, 34 moderate, 6 high) 42 Vulnerabilities found... I not an nodejs and npm expert so I'm not sure that is a real problem but I think we need to take look about this. Thoughts? Le mer. 19 déc. 2018 à 13:44, Thierry Carrez <thierry@openstack.org> a écrit :
zuul@openstack.org wrote:
- release-openstack-javascript http://logs.openstack.org/64/647112461fdc90aa3e468f0d5f846e16b032c87d/releas... : POST_FAILURE in 5m 07s - announce-release announce-release : SKIPPED
Error is npm ERR! You cannot publish over the previously published versions: 0.0.4. : karma-subunit-reporter
History here is that the tag in the git repo was incorrectly named (v0.0.4) last time the release was manually uploaded to npm (as 0.0.4).
Since this is a re-release of the tag with correct name (0.0.4), the fact that the publication is failing (and announcement is skipped) is probably a good thing.
-- Thierry Carrez (ttx)
-- Hervé Beraud Senior Software Engineer Red Hat - Openstack Oslo irc: hberaud -----BEGIN PGP SIGNATURE----- wsFcBAABCAAQBQJb4AwCCRAHwXRBNkGNegAALSkQAHrotwCiL3VMwDR0vcja10Q+ Kf31yCutl5bAlS7tOKpPQ9XN4oC0ZSThyNNFVrg8ail0SczHXsC4rOrsPblgGRN+ RQLoCm2eO1AkB0ubCYLaq0XqSaO+Uk81QxAPkyPCEGT6SRxXr2lhADK0T86kBnMP F8RvGolu3EFjlqCVgeOZaR51PqwUlEhZXZuuNKrWZXg/oRiY4811GmnvzmUhgK5G 5+f8mUg74hfjDbR2VhjTeaLKp0PhskjOIKY3vqHXofLuaqFDD+WrAy/NgDGvN22g glGfj472T3xyHnUzM8ILgAGSghfzZF5Skj2qEeci9cB6K3Hm3osj+PbvfsXE/7Kw m/xtm+FjnaywZEv54uCmVIzQsRIm1qJscu20Qw6Q0UiPpDFqD7O6tWSRKdX11UTZ hwVQTMh9AKQDBEh2W9nnFi9kzSSNu4OQ1dRMcYHWfd9BEkccezxHwUM4Xyov5Fe0 qnbfzTB1tYkjU78loMWFaLa00ftSxP/DtQ//iYVyfVNfcCwfDszXLOqlkvGmY1/Y F1ON0ONekDZkGJsDoS6QdiUSn8RZ2mHArGEWMV00EV5DCIbCXRvywXV43ckx8Z+3 B8qUJhBqJ8RS2F+vTs3DTaXqcktgJ4UkhYC2c1gImcPRyGrK9VY0sCT+1iA+wp/O v6rDpkeNksZ9fFSyoY2o =ECSj -----END PGP SIGNATURE-----
Herve Beraud wrote:
Hey,
Yeah this error seems to be normal since the version 0.0.4 already exist on the repository.
- https://www.npmjs.com/package/karma-subunit-reporter
An another question is 2 lines below the npm error :
+ npm@4.6.1 2018-12-19 10:15:02.372290 <http://logs.openstack.org/64/647112461fdc90aa3e468f0d5f846e16b032c87d/release/release-openstack-javascript/d6af9b6/job-output.txt.gz#_2018-12-19_10_15_02_372290> | localhost | added 299 packages from 591 contributors and audited 1181 packages in 9.459s 2018-12-19 10:15:02.372387 <http://logs.openstack.org/64/647112461fdc90aa3e468f0d5f846e16b032c87d/release/release-openstack-javascript/d6af9b6/job-output.txt.gz#_2018-12-19_10_15_02_372387> | localhost | found 42 vulnerabilities (2 low, 34 moderate, 6 high)
42 Vulnerabilities found... I not an nodejs and npm expert so I'm not sure that is a real problem but I think we need to take look about this. Thoughts?
Not a NPM specialist, but this might be due to karma-subunit-reporter not having been updated for a couple of years, and declaring outdated dependencies. The log is unclear whether those are directly tied to "npm@4.6.1" (which I could not find as a direct dependency) or coming from the direct deps of k-s-r (subunit-js@0.0.2, karma>=0.9...) -- Thierry Carrez (ttx)
participants (2)
-
Herve Beraud
-
Thierry Carrez