[BUG] cannot unpublish 2 minutes after publishing #1686
Labels
Comments
ovanderzee
added
Bug
|
I had the same error message but I didn't even run https://github.com/vercel/vercel/runs/1076007594#step:6:649 My best guess is that there is a consistency problem after publishing a package and immediately running another command. It may or may not be related to the original issue posted here. |
|
Happened to me too. I know there's one dependent package but it has a fixed version. How come I cannot unpublish a newer version that nobody is dependent on? |
|
The current policy is unfortunately that if any version is depended on, then no version can be unpublished. You can try filing a support ticket to see if they can help, but in the meantime, your best bet is to file a patch version that's later than the one you want to unpublish (changing "latest" won't help people who have already upgraded), and then |
|
Got it. That's sad that any dependent version is a blocker :( |
|
npm If your bug is preproducible on If your issue was a feature request, please consider opening a new RRFC or RFC. If your issue was a question or other idea that was not CLI-specific, consider opening a discussion on our feedback repo Closing: This is an automated message. |
This is quite surprising. I do not think there is a gain in preventing the author to unpublish a new version that nobody depends on. On the other end, I can see several reasons why this may be bad for the community... |
crapStone
pushed a commit
to Calciumdibromid/CaBr2
that referenced
this issue
Apr 28, 2023
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [prettier](https://prettier.io) ([source](https://github.com/prettier/prettier)) | devDependencies | patch | [`2.8.7` -> `2.8.8`](https://renovatebot.com/diffs/npm/prettier/2.8.7/2.8.8) | --- ### Release Notes <details> <summary>prettier/prettier</summary> ### [`v2.8.8`](https://github.com/prettier/prettier/blob/HEAD/CHANGELOG.md#​288) [Compare Source](prettier/prettier@2.8.7...2.8.8) This version is a republished version of v2.8.7. A bad version was accidentally published and [it can't be unpublished](npm/cli#1686), apologies for the churn. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS42MS4wIiwidXBkYXRlZEluVmVyIjoiMzUuNjMuMSJ9--> Co-authored-by: cabr2-bot <cabr2.help@gmail.com> Reviewed-on: https://codeberg.org/Calciumdibromid/CaBr2/pulls/1872 Reviewed-by: Epsilon_02 <epsilon_02@noreply.codeberg.org> Co-authored-by: Calciumdibromid Bot <cabr2_bot@noreply.codeberg.org> Co-committed-by: Calciumdibromid Bot <cabr2_bot@noreply.codeberg.org>
cbush
pushed a commit
to mongodb/docs-realm
that referenced
this issue
May 19, 2023
<h3>Snyk has created this PR to upgrade prettier from 2.8.7 to
2.8.8.</h3>
:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>
- The recommended version is **1 version** ahead of your current
version.
- The recommended version was released **21 days ago**, on 2023-04-23.
<details>
<summary><b>Release notes</b></summary>
<br/>
<details>
<summary>Package name: <b>prettier</b></summary>
<ul>
<li>
<b>2.8.8</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/2.8.8">2023-04-23</a></br><p>This
version is a republished version of v2.8.7.<br>
A bad version was accidentally published and <a
href="https://snyk.io/redirect/github/npm/cli/issues/1686"
data-hovercard-type="issue"
data-hovercard-url="/npm/cli/issues/1686/hovercard">it can't be
unpublished</a>, apologies for the churn.</p>
</li>
<li>
<b>2.8.7</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/2.8.7">2023-03-24</a></br><ul>
<li>Allow multiple decorators on same getter/setter</li>
</ul>
<p><g-emoji class="g-emoji" alias="link"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f517.png">🔗</g-emoji>
<a
href="https://snyk.io/redirect/github/prettier/prettier/blob/main/CHANGELOG.md#287">Changelog</a></p>
</li>
</ul>
from <a
href="https://snyk.io/redirect/github/prettier/prettier/releases">prettier
GitHub release notes</a>
</details>
</details>
<hr/>
**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*
For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI0MzBjM2RkMy0zMDQ1LTQyMDctOGFlYy1hNjdhNmFjNTM2MzQiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjQzMGMzZGQzLTMwNDUtNDIwNy04YWVjLWE2N2E2YWM1MzYzNCJ9fQ=="
width="0" height="0"/>
🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=prettier&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
<!---
(snyk:metadata:{"prId":"430c3dd3-3045-4207-8aec-a67a6ac53634","prPublicId":"430c3dd3-3045-4207-8aec-a67a6ac53634","dependencies":[{"name":"prettier","from":"2.8.7","to":"2.8.8"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-04-23T07:26:12.772Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->
---------
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
This was referenced Aug 28, 2023
Woodpile37
added a commit
to Woodpile37/EIPs
that referenced
this issue
Nov 11, 2023
![https://github.githubassets.com/images/icons/emoji/unicode/1f517.png">🔗</g-emoji](https://github.githubassets.com/images/icons/emoji/unicode/1f517.png">🔗</g-emoji){kind=link}
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade prettier
from 2.8.4 to 3.0.3.</h3>
:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>
*Warning:* This is a major version upgrade, and may be a breaking
change.
- The recommended version is **21 versions** ahead of your current
version.
- The recommended version was released **2 months ago**, on 2023-08-29.
<details>
<summary><b>Release notes</b></summary>
<br/>
<details>
<summary>Package name: <b>prettier</b></summary>
<ul>
<li>
<b>3.0.3</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/3.0.3">2023-08-29</a></br><p>🔗
<a
href="https://snyk.io/redirect/github/prettier/prettier/blob/main/CHANGELOG.md#303">Changelog</a></p>
</li>
<li>
<b>3.0.2</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/3.0.2">2023-08-15</a></br><p>🔗
<a
href="https://snyk.io/redirect/github/prettier/prettier/blob/main/CHANGELOG.md#302">Changelog</a></p>
</li>
<li>
<b>3.0.1</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/3.0.1">2023-08-03</a></br><p>🔗
<a
href="https://snyk.io/redirect/github/prettier/prettier/blob/main/CHANGELOG.md#301">Changelog</a></p>
</li>
<li>
<b>3.0.0</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/3.0.0">2023-07-05</a></br><p><a
href="https://snyk.io/redirect/github/prettier/prettier/compare/3.0.0-alpha.6...3.0.0">diff</a></p>
<p>🔗 <a href="https://prettier.io/blog/2023/07/05/3.0.0.html"
rel="nofollow">Release note</a></p>
</li>
<li>
<b>3.0.0-alpha.9-for-vscode</b> - 2023-04-23
</li>
<li>
<b>3.0.0-alpha.8-for-vscode</b> - 2023-04-23
</li>
<li>
<b>3.0.0-alpha.7-for-vscode</b> - 2023-04-23
</li>
<li>
<b>3.0.0-alpha.12</b> - 2023-05-26
</li>
<li>
<b>3.0.0-alpha.11</b> - 2023-04-25
</li>
<li>
<b>3.0.0-alpha.10</b> - 2023-04-23
</li>
<li>
<b>3.0.0-alpha.6</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/3.0.0-alpha.6">2023-03-02</a></br><h2>What's
Changed</h2>
<ul>
<li>Update <code>.d.ts</code> files of plugins to use <code>export
default ...</code> by <a class="user-mention notranslate"
data-hovercard-type="user" data-hovercard-url="/users/fisker/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/fisker">@ fisker</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1606363376" data-permission-text="Title is private"
data-url="prettier/prettier#14435"
data-hovercard-type="pull_request"
data-hovercard-url="/prettier/prettier/pull/14435/hovercard"
href="https://snyk.io/redirect/github/prettier/prettier/pull/14435">#14435</a></li>
</ul>
<p>Other changes since v2, see <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/3.0.0-alpha.1"><code>3.0.0-alpha.1</code>
release notes</a></p>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/prettier/prettier/compare/3.0.0-alpha.5...3.0.0-alpha.6"><tt>3.0.0-alpha.5...3.0.0-alpha.6</tt></a></p>
</li>
<li>
<b>3.0.0-alpha.5</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/3.0.0-alpha.5">2023-03-01</a></br><h2>What's
Changed</h2>
<ul>
<li>Add <code>.d.ts</code> files by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/sosukesuzuki/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/sosukesuzuki">@ sosukesuzuki</a>
in <a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1551827494" data-permission-text="Title is private"
data-url="prettier/prettier#14212"
data-hovercard-type="pull_request"
data-hovercard-url="/prettier/prettier/pull/14212/hovercard"
href="https://snyk.io/redirect/github/prettier/prettier/pull/14212">#14212</a></li>
<li>Support TypeScript 5 via <code>babel-ts</code> parser by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/fisker/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/fisker">@ fisker</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1592662394" data-permission-text="Title is private"
data-url="prettier/prettier#14391"
data-hovercard-type="pull_request"
data-hovercard-url="/prettier/prettier/pull/14391/hovercard"
href="https://snyk.io/redirect/github/prettier/prettier/pull/14391">#14391</a></li>
</ul>
<p>Other changes since v2, see <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/3.0.0-alpha.1"><code>3.0.0-alpha.1</code>
release notes</a></p>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/prettier/prettier/compare/3.0.0-alpha.4...3.0.0-alpha.5"><tt>3.0.0-alpha.4...3.0.0-alpha.5</tt></a></p>
</li>
<li>
<b>3.0.0-alpha.4</b> - 2022-10-26
</li>
<li>
<b>3.0.0-alpha.3</b> - 2022-10-20
</li>
<li>
<b>3.0.0-alpha.2</b> - 2022-10-13
</li>
<li>
<b>3.0.0-alpha.1</b> - 2022-10-08
</li>
<li>
<b>3.0.0-alpha.0</b> - 2022-08-17
</li>
<li>
<b>2.8.8</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/2.8.8">2023-04-23</a></br><p>This
version is a republished version of v2.8.7.<br>
A bad version was accidentally published and <a
href="https://snyk.io/redirect/github/npm/cli/issues/1686"
data-hovercard-type="issue"
data-hovercard-url="/npm/cli/issues/1686/hovercard">it can't be
unpublished</a>, apologies for the churn.</p>
</li>
<li>
<b>2.8.7</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/2.8.7">2023-03-24</a></br><ul>
<li>Allow multiple decorators on same getter/setter</li>
</ul>
<p>🔗 <a
href="https://snyk.io/redirect/github/prettier/prettier/blob/main/CHANGELOG.md#287">Changelog</a></p>
</li>
<li>
<b>2.8.6</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/2.8.6">2023-03-21</a></br><ul>
<li>Allow decorators on private members and class expressions</li>
</ul>
<p>🔗 <a
href="https://snyk.io/redirect/github/prettier/prettier/blob/main/CHANGELOG.md#286">Changelog</a></p>
</li>
<li>
<b>2.8.5</b> - <a
href="https://snyk.io/redirect/github/prettier/prettier/releases/tag/2.8.5">2023-03-20</a></br><ul>
<li>Support TypeScript 5.0</li>
</ul>
<p>🔗 <a
href="https://snyk.io/redirect/github/prettier/prettier/blob/main/CHANGELOG.md#285">Changelog</a></p>
</li>
<li>
<b>2.8.4</b> - 2023-02-08
</li>
</ul>
from <a
href="https://snyk.io/redirect/github/prettier/prettier/releases">prettier
GitHub release notes</a>
</details>
</details>
<hr/>
**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*
For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIwZDMxM2Q5Ny01OTJjLTRmM2UtODI2OC1hYzE1ZWExNjA2ZmQiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjBkMzEzZDk3LTU5MmMtNGYzZS04MjY4LWFjMTVlYTE2MDZmZCJ9fQ=="
width="0" height="0"/>
🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/f9f1a542-e77b-401b-9d83-577aad2ba722?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/f9f1a542-e77b-401b-9d83-577aad2ba722/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/f9f1a542-e77b-401b-9d83-577aad2ba722/settings/integration?pkg=prettier&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
<!---
(snyk:metadata:{"prId":"0d313d97-592c-4f3e-8268-ac15ea1606fd","prPublicId":"0d313d97-592c-4f3e-8268-ac15ea1606fd","dependencies":[{"name":"prettier","from":"2.8.4","to":"3.0.3"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/f9f1a542-e77b-401b-9d83-577aad2ba722?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"f9f1a542-e77b-401b-9d83-577aad2ba722","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":21,"publishedDate":"2023-08-29T12:30:11.880Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":true,"isBreakingChange":true,"priorityScoreList":[]})
--->
@ljharb This is disheartening. If I accidentally published a new version, can't unpublish it even the very next minute. Also, the command |
|
@Abhinandan-Kushwaha if you have 2fa enabled, as you should, then there is a confirmation already. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Current Behavior:
I received an error message at the command line:
$ npm unpublish my-lib@1.4.0
npm ERR! code E405
npm ERR! 405 Method Not Allowed - PUT https://registry.npmjs.org/my-lib/-rev/14-878ad331638f5b05ac5eb9a52ff15fc0 - You can no longer unpublish this package.
npm ERR! Failed criteria:
npm ERR! has dependent packages in the registry
npm ERR!
npm ERR! Please deprecate it instead:
npm ERR! npm deprecate -f 'my-lib@1.4.0' "this package has been deprecated"
npm ERR! To learn more about our unpublish policies, see https://www.npmjs.com/policies/unpublish
Expected Behavior:
I expected the package to be unpublished, like described in https://docs.npmjs.com/cli/unpublish
An other page, https://www.npmjs.com/policies/unpublish talks about "newly created packages"
The description of both pages do not match.
Anyhow, i think it should be possible to remove packages with errors within a few minutes.
Steps To Reproduce:
publish in the root directory of a before published package
unpublish with package name and version number
Environment:
The text was updated successfully, but these errors were encountered: