8000 Npm pkg Install fails when network access is restricted to npm repository only (internal/private network setup). · Issue #1180 · electron/rebuild · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Npm pkg Install fails when network access is restricted to npm repository only (internal/private network setup). #1180

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
nambrozoh opened this issue Apr 7, 2025 · 7 comments
Open

Npm pkg Install fails when network access is restricted to npm repository only (internal/private network setup). #1180

nambrozoh opened this issue Apr 7, 2025 · 7 comments

Comments

@nambrozoh
Copy link

Environment

  • Network configuration: Restricted to private npm registry (internal clone), no access to github.
  • Npm Packages:
    • "@electron/rebuild": "3.7.1 "
    • "electron": "34.3.2"

Error

npm ERR! Error while executing:
npm ERR! /bin/git ls-remote -h -t https://github.com/electron/node-gyp.git
npm ERR!
npm ERR! fatal: unable to access 'https://github.com/electron/node-gyp.git/': Failed to connect to github.com port 443 after 1047 ms: Couldn't connect to server
npm ERR!
npm ERR! exited with error code: 128

Current Behavior

  • Build process fails when attempting to access external resources in github
  • Unable to complete installation in restricted network environments

Expected Behavior

  • Package should be able to build successfully when network access is limited to the @electron/node-gyp npm repository
  • Dependencies should be properly resolved through npm registry

Proposed Solutions
Either:

  1. Switch to using regular node-gyp instead of @electron/node-gyp
    • Regular node-gyp has better support for restricted network environments
    • Would resolve the network access issues

OR

  1. Update @electron/node-gyp README documentation to:
    • Clearly explain why @electron/node-gyp is required over regular node-gyp
    • Document any specific network requirements
    • Provide workarounds for restricted network environments

Additional Context
This issue affects organizations with strict network policies where external access is limited to npm repository only.

Impact

  • Blocks adoption in enterprise environments
  • Causes deployment issues in secure/restricted networks
@nrsundberg
Copy link

I have this issue as well.

@cmdcolin
Copy link
cmdcolin commented Apr 16, 2025
edited
Loading

I don't have this exact issue but the https reference to github instead of a stable npm release is confusing our yarn v1 lockfile

if it was changed to make @electron/node-gyp point at a stable npm release that would be great

some users on my team get this error, some don't

$ yarn
yarn install v1.22.22
[1/4] Resolving packages...
error Couldn't find match for "06b29aafb7708acef8b3669835c8a7857ebc92d2" in "refs/heads/dependabot/github_actions/seanmiddleditch/gha-setup-ninja-6,refs/heads/felixr-optional-chaining,refs/heads/felixr-private-fields,refs/heads/main,refs/heads/release-please--branches--main--components--node-gyp,refs/heads/release-please--branches--main--components--node-gyp--release-notes" for "https://github.com/electron/node-gyp".

and then it flip flops between these two states in the lockfile

diff --git a/yarn.lock b/yarn.lock
index 10d743a21..837b61c53 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1690,9 +1690,9 @@
   optionalDependencies:
     global-ag
8000
ent "^3.0.0"

-"@electron/node-gyp@git+https://github.com/electron/node-gyp.git#06b29aafb7708acef8b3669835c8a7857eb>
+"@electron/node-gyp@https://github.com/electron/node-gyp#06b29aafb7708acef8b3669835c8a7857ebc92d2":
   version "10.2.0-electron.1"
-  resolved "git+https://github.com/electron/node-gyp.git#06b29aafb7708acef8b3669835c8a7857ebc92d2"
+  resolved "https://github.com/electron/node-gyp#06b29aafb7708acef8b3669835c8a7857ebc92d2"
   dependencies:
     env-paths "^2.2.0"
     exponential-backoff "^3.1.1"

@lvzhenbo lvzhenbo mentioned this issue Apr 25, 2025
Open
@lvzhenbo
Copy link

@felixrieseberg 96b462a

@schontz
Copy link
schontz commented May 13, 2025

Any update on this? This is breaking our CI/CD and is not easily resolved because this is a dependency of a dependency. This seems like a mistake because @electron/node-gyp says this:

This is a fork of the original and excellent node-gyp with only one feature added: Support for Node v12

Node 12 is come and gone.

@lvzhenbo
Copy link

I think the results are in.
https://github.com/electron/rebuild/releases/tag/v4.0.1

@schontz
Copy link
schontz commented May 13, 2025

We are consuming this via Electron Forge, which still runs on v3. Please release a v3 fix.

❯ npm list @electron/rebuild
local-app@1.0 /path/to/app
├─┬ @electron-forge/cli@7.8.1
│ ├─┬ @electron-forge/core-utils@7.8.1
│ │ ├─┬ @electron-forge/shared-types@7.8.1
│ │ │ └── @electron/rebuild@3.7.2 deduped
│ │ └── @electron/rebuild@3.7.2
│ ├─┬ @electron-forge/core@7.8.1
│ │ ├─┬ @electron-forge/publisher-base@7.8.1
│ │ │ └─┬ @electron-forge/shared-types@7.8.1
│ │ │   └── @electron/rebuild@3.7.2 deduped
│ │ ├─┬ @electron-forge/shared-types@7.8.1
│ │ │ └── @electron/rebuild@3.7.2 deduped
│ │ ├─┬ @electron-forge/template-base@7.8.1
│ │ │ └─┬ @electron-forge/shared-types@7.8.1
│ │ │   └── @electron/rebuild@3.7.2 deduped
│ │ ├─┬ @electron-forge/template-vite-typescript@7.8.1
│ │ │ └─┬ @electron-forge/shared-types@7.8.1
│ │ │   └── @electron/rebuild@3.7.2 deduped
│ │ ├─┬ @electron-forge/template-vite@7.8.1
│ │ │ └─┬ @electron-forge/shared-types@7.8.1
│ │ │   └── @electron/rebuild@3.7.2 deduped
│ │ ├─┬ @electron-forge/template-webpack-typescript@7.8.1
│ │ │ └─┬ @electron-forge/shared-types@7.8.1
│ │ │   └── @electron/rebuild@3.7.2 deduped
│ │ ├─┬ @electron-forge/template-webpack@7.8.1
│ │ │ └─┬ @electron-forge/shared-types@7.8.1
│ │ │   └── @electron/rebuild@3.7.2 deduped
│ │ └── @electron/rebuild@3.7.2 deduped
│ └─┬ @electron-forge/shared-types@7.8.1
│   └── @electron/rebuild@3.7.2 deduped
└─┬ @electron-forge/maker-dmg@6.2.1
  └─┬ @electron-forge/shared-types@6.2.1
    └── @electron/rebuild@3.7.2 deduped

@schontz
Copy link
schontz commented May 13, 2025

@VerteDinde Can a v3 release be scheduled for the fix? This needs to trickle back into Electron Forge, which is thankfully using ^3.x.y version numbering.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@schontz @cmdcolin @nambrozoh @lvzhenbo @nrsundberg
0