New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pnpm audit
goes into infinite loop
#6203
Comments
I'm sorry to hear this, it may have been brought on by my changes, but I haven't reproduced the problem yet. Can you help confirm that |
I'll try to spend a bit of time in the compiled code to see if I can track it down or at least see what it's recursing over. |
It seems like it's dying because of some absolutely gigantic output coming into the table, specifically on the I modified
The recursive stack trace fails here:
The cause seems to be that it's getting a whopping 54MB object for the paths; it does not appear to be infinitely deep, since JSON.stringify works in my console log, but the computation seems to run out of call stack (strange, because it doesn't look recursive unless spread is using internal recursion). The 54MB figure is based on writing the CLI output to a file to analyse it :) This does not occur if I remove the call to |
Did some more debugging and I don't think there's anything fundamentally wrong with the code...I just have a large and interconnected monorepo with 110 packages, and it takes a long time to scan to find all paths for a deeply interconnected package. It might be nice for large monorepos to have a flag to turn this feature off, and/or to limit the number of paths that will be resolved for a given dependency. In my case audit is done in a second or two without path resolution...and crashes with a stack overflow after about 90 seconds with it on. Here's the relevant code from the compiled
|
When the number of paths is too large, e.g. more than 50, is it possible to display it as follows:
|
What do you think of this, cc @zkochan ~ |
I would say more than 3. It is really not useful to see so many paths. I guess with npm it is not an issue because everything is hoisted and mostly there is only one path. |
pnpm version: >= 7.25.1
Code to reproduce the issue:
Reproduced on a large private repo; was unable to make a public replication scenario. I have a hypothesis of what's going on though. Feel free to close if nothing comes to mind as a cause :)
With 7.25.0 and earlier,
pnpm audit
worked fine on my private repo.With 7.25.1-7.29.1 the CLI spins for a few seconds and then throws:
#3073, which was added in 7.25.1 and alters the behavior of
audit
seems like a probable cause. I wonder if it's somehow creating an infinitely nested object that the table is trying to crawl?Expected behavior:
audit
runs without issueAdditional information:
node -v
prints: 18.12.1The text was updated successfully, but these errors were encountered: