Yarn on Windows breaks apps that read from the environment variables #8334
Comments
This was referenced Sep 9, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug description
yarn sets up some environment variables (like npm_config_cache) and calls execSync. This calls the Win32 API CreateProcess and passes an environment block which is a merge of the existing environment block (i.e. from the calling process) with some additional stuff that includes npm_config_cache among others.
Environment variables in Windows are case-insensitive, but CreateProcess does not sanitize the environment block. This is a problem because if the calling process had set up NPM_CONFIG_CACHE (all caps), then yarn will just set the lowercase variant of the variable, and node will call CreateProcess which will contain the variable twice.
This breaks some tools that create dictionaries out of the environment block because they expect to run into each variable exactly once (regardless of casing).
In my case we have a nodejs script that we invoke via yarn, and the nodejs script calls a Windows build utility (msbuild) which crashes when trying to set up options for the compiler when it finds this option twice. We run into this when building in our CI in Azure DevOps pipeline, which sets up NPM_CONFIG_CACHE in the environment.
Related:
Command
What is the current behavior?
when yarn spawns the nodejs script, it does so using an environment block that contains two copies of an environment variable, with different casing. This is illegal.
What is the expected behavior?
Yarn should sanitize the env block it passes
Steps to Reproduce
in cmd:
set NPM_CONFIG_CACHE=foobar
in package.json add this script:
"test": "echo console.log(process.env) | node -"
run
yarn testand see that there are two copies of npm_config_cache in the new process environment block:Environment
1.22.4The text was updated successfully, but these errors were encountered: