yarn audit intermittent 503s on monorepos

Do you want to request a feature or report a bug?
bug

What is the current behavior?
Running yarn audit on a monorepo is returning with a 503 error more often than not.

If the current behavior is a bug, please provide the steps to reproduce.
If you run npx yarn@1.13.0 against https://github.com/newsuk/times-components in the root directory you will see:

➜  times-components git:(master) ✗ npx yarn@latest audit
npx: installed 1 in 4.242s
yarn audit v1.13.0
/Users/mark/.npm/_npx/94131/lib/node_modules/yarn/lib/cli.js:66237
            throw new (_errors || _load_errors()).ResponseError(_this3.reporter.lang('requestFailed', description), res.statusCode);
            ^

Error: Request failed "503 Service Unavailable"
    at ResponseError.ExtendableBuiltin (/Users/mark/.npm/_npx/94131/lib/node_modules/yarn/lib/cli.js:702:66)
    at new ResponseError (/Users/mark/.npm/_npx/94131/lib/node_modules/yarn/lib/cli.js:808:124)
    at Request.params.callback [as _callback] (/Users/mark/.npm/_npx/94131/lib/node_modules/yarn/lib/cli.js:66237:19)
    at Request.self.callback (/Users/mark/.npm/_npx/94131/lib/node_modules/yarn/lib/cli.js:129397:22)
    at Request.emit (events.js:159:13)
    at Request.<anonymous> (/Users/mark/.npm/_npx/94131/lib/node_modules/yarn/lib/cli.js:130369:10)
    at Request.emit (events.js:159:13)
    at IncomingMessage.<anonymous> (/Users/mark/.npm/_npx/94131/lib/node_modules/yarn/lib/cli.js:130291:12)
    at Object.onceWrapper (events.js:254:19)
    at IncomingMessage.emit (events.js:164:20)

What is the expected behavior?
Expect to consistently get back any vulnerabilities.

Please mention your node.js, yarn and operating system version.
node v9.3.0
yarn v1.13.0
macOS High Sierra 10.13.3

Author: Fantashit

3 thoughts on “yarn audit intermittent 503s on monorepos”

  1. I’ve been seeing these 503s as well; it doesn’t seem to have anything to do with NPM’s server capacity, as it’s consistent by repo. I suspect the 503 just means the backend reached a ~10 second timeout.

    On one repo that was consistently failing I was able to get it to work by removing one dependency from the submitted JSON payload, but the 503s don’t seem to be correlated to either payload size (in bytes) or dependency tree size, because there’s another repo with a much larger dependency tree (totalDependencies > 200,000) that works just fine.

  2. We were having this same issue with 100% failure rate when we upgraded our CI to use the latest yarn version. We have downgraded back and this issue doesn’t appear anymore. It seems like it’s not entirely npm’s fault.

  3. I consistently get 503 in this huge project. It’s not related to yarn in my case at least as sending the request manually to npmjs (not even using yarn’s proxy) will result in the same.

    Guys … let’s think about it … if the npm service cannot handle mono repos, due to the amount of deps … we could simply perform multiple requests … instead of a big one. I don’t know how difficult this is to implement in yarn, never took a look at the source code.

    Just a suggestion, not a critical thing right now for me. If it comes, I will try to evaluate the code.
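The "multiple requests instead of a big one" idea from comment 3, sketched as an added example that is not part of the original thread and not yarn's own code. It only splits the tree and sends nothing; whether the audit service accepts or answers such partial trees is not established here. The function names and the sample tree are hypothetical, and the payload shape is an assumption.

```javascript
// Assumed payload shape (npm v6 lockfile style): { name, version, requires, dependencies },
// where each `dependencies` entry may carry its own `requires` and nested `dependencies`.

// Resolve `name` as node_modules lookup does: the nearest enclosing `dependencies` map wins.
function resolve(name, scopes) {
  for (let i = scopes.length - 1; i >= 0; i--) {
    const found = (scopes[i].dependencies || {})[name];
    if (found) return { node: found, ancestors: scopes.slice(0, i + 1) };
  }
  return null; // not installed, e.g. a skipped optional dependency
}

// Root-level package names reachable from the given direct dependencies.
function rootClosure(tree, directNames) {
  const keep = new Set();
  const seen = new Set();
  const visit = (name, scopes) => {
    const hit = resolve(name, scopes);
    if (!hit) return;
    if (hit.ancestors.length === 1) keep.add(name); // hoisted to the root
    if (seen.has(hit.node)) return;
    seen.add(hit.node);
    const inner = [...hit.ancestors, hit.node];
    Object.keys(hit.node.requires || {}).forEach((req) => visit(req, inner));
  };
  directNames.forEach((name) => visit(name, [tree]));
  return keep;
}

// One smaller tree per group of at most `size` direct dependencies.
function splitAuditTree(tree, size) {
  if (!(size >= 1)) throw new RangeError('size must be >= 1');
  const direct = Object.keys(tree.requires || {});
  const chunks = [];
  for (let i = 0; i < direct.length; i += size) {
    const names = direct.slice(i, i + size);
    const requires = {}, dependencies = {};
    names.forEach((n) => { requires[n] = tree.requires[n]; });
    rootClosure(tree, names).forEach((n) => { dependencies[n] = tree.dependencies[n]; });
    chunks.push({ name: tree.name, version: tree.version, requires, dependencies });
  }
  return chunks;
}

// Constructed sample: `c` is hoisted at 1.0.0 while `b` nests its own c@2.0.0.
const sampleTree = { name: 'monorepo', version: '0.0.0', requires: { a: '^1.0.0', b: '^1.0.0' },
  dependencies: { a: { version: '1.0.0', requires: { c: '^1.0.0' } }, d: { version: '1.0.0' },
    b: { version: '1.0.0', requires: { c: '^2.0.0' }, dependencies: { c: { version: '2.0.0' } } },
    c: { version: '1.0.0', requires: { d: '^1.0.0' } } } };
console.log(JSON.stringify(splitAuditTree(sampleTree, 1), null, 2));
```

Each chunk keeps every hoisted package its direct dependencies can reach, so a package shared by several chunks is submitted more than once and any advisories returned would need de-duplicating before reporting.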
