Throws error "URL is not defined"
smeijer opened this issue · 10 comments
Expected Behavior
Some vulnerability report should be shown as output
Current Behavior
λ npx is-website-vulnerable http://google.com
npx: installed 235 in 24.612s
URL is not defined
Steps to Reproduce (for bugs)
- run
npx is-website-vulnerable http://google.com
- wait for results
- read error
URL is not defined
Your Environment
- Library Version used: latest
- Node.js version: 8.16.1
- Operating System: Windows 10, up to date
I see it's on Windows, will look into it!
@ahmedkrmn as I see you're running Windows can you take a look into this issue since @smeijer reported it on a Windows OS? I don't have that handy to verify quickly
Getting same issue.
Running Ubuntu via Windows Subsystem for Linux (WSL). Distro info:
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.6 LTS"
Windows version: Microsoft Windows [Version 10.0.18362.388]
npm --v: 6.5.0
node --version: v9.11.2
@doncullen @smeijer while I didn't fix it, I added some debugging so we can see what's going on. Can you run:
DEBUG=* npx is-website-vulnerable http://google.com
and tell me what you see? it should show what URL is being passed to lighthouse to run the audits. Like this:
@doncullen @smeijer actually, just found the issue - I'm using the latest lighthouse version which requires Node.js >= 10 and you are both using older Node.js versions (6 and 9) (see reference of issue here: GoogleChrome/lighthouse#8909 (comment))
Can you upgrade your Node.js instances and check?
🎉 This issue has been resolved in version 1.2.0 🎉
The release is available on:
Your semantic-release bot 📦🚀
@doncullen @smeijer if you don't/can't upgrade your Node.js versions to >= 10 then you might still be able to use it - I added a workaround to allow lighthouse to run with your old Node.js versions. Nothing required on your part except from re-running it (if you installed is-website-vulnerable
as a global module then make sure you upgrade it to 1.2.0 with npm install -g is-website-vulnerable@1.2.0
Upgrading Node.js to v12.11.1 solved the issue, like you suggested. I didn't test on < 10 since I didn't see new comment saying you implemented workaround at the time I did the upgrade. Working fine now. Thanks for the quick fix!
Cool stuff!
Can confirm that it's working on v8.16 now as well.
λ npx is-website-vulnerable http://google.com
npx: installed 237 in 13.715s
Website: https://www.google.com/?gws_rd=ssl
○ No JavaScript libraries detected with publicly known security vulnerabilities
[0] Total vulnerabilities
[2312.85ms] execution time
vulnerabilities powered by Snyk.io (https://snyk.io/vuln?type=npm)