Regression: EPERM operation not permitted on Windows

Question

Regression: EPERM operation not permitted on Windows

SleeplessByte opened this issue 4 years ago · 8 comments

It seems the #18 and related issues have regressed.

  isMonorepo false
  npmPath C\\Users\\[snip]\\AppData\\Roaming\\npm-cache\\_npx\\2808\\node_modules\\yarn-audit-fix\\node_modules\\.bin\\npm.cm
  npmVersion 7.12.0
  nodeVersion v12.18.2
  yafVersion 4.3.3
  temp C\\Users\\[snip]\\node_modules\\.cache\\yarn-audit-fix\\ef8927d2f5ca90c9
  cwd C\\Users\\[snip]
  flags
    npm-path local

Preparing temp assets...
Failure!
Error: EPERM: operation not permitted, symlink 'C:\Users\[snip]\node_modules' -> '2f5ca90c9b755890a68ea0d2b\node_modules'
    at Object.symlinkSync (fs.js:1088:3)
    at Object.createSymlinkSync

To reproduce:

$ npx yarn-audit-fix
npx: installed 339 in 11.953s

Answer 1 · 2021-05-08T13:59:20.000Z

Hey, @SleeplessByte,

Do you have enough user permissions to create a symlink? As I understand, Windows may require root/admin role grants for this action: lovell/sharp#1671 (comment).
If this approach is not applicable, it's possible to add regular node_moodules copying as a fallback.

Answer 2 · 2021-05-08T14:42:50.000Z

Running an elevated terminal in order to solve this issue is not a solution, but a workaround. That will also mean that any postinstall messages will have elevated access, which is something we definitely don't want (it's a lot like executing everything as root).

Given that the regular route (package lock via npm, npm audit fix, and then import) does not require root access, a decent fallback may be that if it hits and EPERM at this step, it falls back to the "regular copy".

That said, this exact issue was solved here. Before it required elevated context to create a directory symlink (regular file symlinks were fine). The linked PR fixed that.

Answer 3 · 2021-05-09T12:49:37.000Z

@SleeplessByte,

Ok, I'll try to fix it, but I need some assistance. I just don't have a Windows machine for experiments right now.
PR#121. Could you try 5.0.0-rc.0 for your case?

Answer 4 · 2021-05-13T07:32:26.000Z

@SleeplessByte, any news?

Answer 5 · 2021-05-14T02:03:43.000Z

Sorry, haven't been able to try yet. I'll attempt tomorrow :)

Answer 6 · 2021-05-14T17:44:46.000Z

It seems to go further now, but then fail at the final step:

Answer 7 · 2021-05-14T18:03:47.000Z

This is fine. yaf is just a very fragile workaround. Some of its issues must be resolved in synp at first, but there is definitely not enough time for this work, alack. You may try to reduce dep scope: yarn-audit-fix --only=prod. Hope this helps.

Thanks for your feedback.

Answer 8 · 2021-05-14T18:21:42.000Z

🎉 This issue has been resolved in version 4.3.6 🎉

The release is available on:

Your semantic-release bot 📦🚀