Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pnpm thinks Github Codespaces is unsafe #3709

Closed
evantahler opened this issue Aug 25, 2021 · 4 comments · Fixed by pnpm/npm-lifecycle#38 or #4369
Closed

pnpm thinks Github Codespaces is unsafe #3709

evantahler opened this issue Aug 25, 2021 · 4 comments · Fixed by pnpm/npm-lifecycle#38 or #4369
Assignees
@BlackHole1
Labels
type: bug
Milestone
v7.0

Comments

@evantahler
Copy link

Running pnpm install inside a Github Codespace does not run prepare lifecyles hooks because it thinks the directory is unsafe. Running pnpm install --unsafe-perm works as intended.

pnpm version: 6.14.3

Code to reproduce the issue:

Using the Grouparoo repo (https://github.com/grouparoo/grouparoo):

pnpm install

produces

root ➜ /workspaces/grouparoo (main ✗) $ pnpm install
Scope: all 44 workspace projects
 WARN  There are cyclic workspace dependencies
Using hooks from: /workspaces/grouparoo/.pnpmfile.cjs
readPackage hook is declared. Manifests of dependencies might get overridden
Lockfile is up-to-date, resolution step is skipped
Already up-to-date
. preinstall$ ./bin/preinstall
└─ Running...
cli prepare$ rm -rf dist && tsc --declaration && chmod 0766 dist/grouparoo.js
└─ Running...
 WARN  "preinstall" script of "@grouparoo/grouparoo@0.0.0" inside "/workspaces/grouparoo" is skipped as the working directory seems suspicious. To run this lifecycle script anyway, use "--unsafe-perm".
 WARN  "prepare" script of "grouparoo@0.5.3-alpha.5" inside "

And none of the prepare lifecycle hooks fire (which we use to compile typescript)

  • node -v prints: v15.14.0
  • Windows, macOS, or Linux?: linux, Linux 45cb69da334b 5.4.0-1055-azure #57~18.04.1-Ubuntu SMP Fri Jul 16 19:40:19 UTC 2021 x86_64 GNU/Linux
@Klemensas
Copy link

Encountered same issue when trying to build a dockerfile with a workdir of /app. Might be related, though I'm happy to create a separate issue if needed.

#20 29.60  WARN  "preinstall" script of "core@" inside "/app" is skipped as the working directory seems suspicious. To run this lifecycle script anyway, use "--unsafe-perm".
#20 29.60  WARN  "postinstall" script of "core@" inside "/app" is skipped as the working directory seems suspicious. To run this lifecycle script anyway, use "--unsafe-perm".

@aminya
Copy link

aminya commented Feb 20, 2022

I also faced this issue in docker files.

@BlackHole1 BlackHole1 self-assigned this Feb 21, 2022
@BlackHole1
Copy link
Member

Please wait and let me have a look, this should be fixed soon.

@BlackHole1 BlackHole1 mentioned this issue Feb 21, 2022
Merged
@zkochan
Copy link
Member

zkochan commented Feb 21, 2022

Can we check if this works with the latest npm without unsafe-perm?

@zkochan zkochan added this to the v7.0 milestone Feb 21, 2022
zkochan added a commit that referenced this issue Feb 21, 2022
@zkochan
feat: run scripts without --unsafe-perm
9847737 
close #3709
@zkochan zkochan mentioned this issue Feb 21, 2022
Merged
zkochan added a commit that referenced this issue Feb 22, 2022
@zkochan
feat: run scripts without --unsafe-perm (#4369)
d999a08 
close #3709
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@BlackHole1 BlackHole1

Labels
type: bug
Projects
None yet
Milestone
v7.0
5 participants
@evantahler @zkochan @BlackHole1 @Klemensas @aminya