Throws error "URL is not defined"

Question

Throws error "URL is not defined"

smeijer opened this issue 5 years ago · 10 comments

Expected Behavior

Some vulnerability report should be shown as output

Current Behavior

λ npx is-website-vulnerable http://google.com
npx: installed 235 in 24.612s
URL is not defined

Steps to Reproduce (for bugs)

run npx is-website-vulnerable http://google.com
wait for results
read error URL is not defined

Your Environment

Library Version used: latest
Node.js version: 8.16.1
Operating System: Windows 10, up to date

Answer 1 · 2019-10-06T20:57:00.000Z

I see it's on Windows, will look into it!

Answer 2 · 2019-10-06T21:01:43.000Z

@ahmedkrmn as I see you're running Windows can you take a look into this issue since @smeijer reported it on a Windows OS? I don't have that handy to verify quickly

Answer 3 · 2019-10-07T07:22:19.000Z

Getting same issue.

Running Ubuntu via Windows Subsystem for Linux (WSL). Distro info:

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.6 LTS"

Windows version: Microsoft Windows [Version 10.0.18362.388]

npm --v: 6.5.0
node --version: v9.11.2

Answer 4 · 2019-10-07T07:55:47.000Z

@doncullen @smeijer while I didn't fix it, I added some debugging so we can see what's going on. Can you run:

DEBUG=* npx is-website-vulnerable http://google.com

and tell me what you see? it should show what URL is being passed to lighthouse to run the audits. Like this:

Answer 5 · 2019-10-07T07:58:59.000Z

@doncullen @smeijer actually, just found the issue - I'm using the latest lighthouse version which requires Node.js >= 10 and you are both using older Node.js versions (6 and 9) (see reference of issue here: GoogleChrome/lighthouse#8909 (comment))

Can you upgrade your Node.js instances and check?

Answer 6 · 2019-10-07T08:19:42.000Z

🎉 This issue has been resolved in version 1.2.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Answer 7 · 2019-10-07T08:24:50.000Z

@doncullen @smeijer if you don't/can't upgrade your Node.js versions to >= 10 then you might still be able to use it - I added a workaround to allow lighthouse to run with your old Node.js versions. Nothing required on your part except from re-running it (if you installed is-website-vulnerable as a global module then make sure you upgrade it to 1.2.0 with npm install -g is-website-vulnerable@1.2.0

Answer 8 · 2019-10-07T08:36:47.000Z

Upgrading Node.js to v12.11.1 solved the issue, like you suggested. I didn't test on < 10 since I didn't see new comment saying you implemented workaround at the time I did the upgrade. Working fine now. Thanks for the quick fix!

Answer 9 · 2019-10-07T08:43:31.000Z

Cool stuff!

Answer 10 · 2019-10-07T16:49:24.000Z

Can confirm that it's working on v8.16 now as well.

λ npx is-website-vulnerable http://google.com
npx: installed 237 in 13.715s

  Website: https://www.google.com/?gws_rd=ssl

  ○ No JavaScript libraries detected with publicly known security vulnerabilities

  [0] Total vulnerabilities
  [2312.85ms] execution time

  vulnerabilities powered by Snyk.io (https://snyk.io/vuln?type=npm)