Friday, August 18, 2017

One recent morning started out with the previous night's upgrade of nodejs still sitting there waiting:

Get:1 https://deb.nodesource.com/node_8.x buster/main amd64 nodejs amd64 8.3.0-1nodesource1~buster1 [13.2 MB]
Fetched 7,894 kB in 1h 10min 44s (1,859 B/s)
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
Reading changelogs... Done
(Reading database ... 143397 files and directories currently installed.)
Preparing to unpack .../nodejs_8.3.0-1nodesource1~buster1_amd64.deb ...
Detected old npm client, removing...
Unpacking nodejs (8.3.0-1nodesource1~buster1) over (6.11.2-1nodesource1~buster1) ...
Setting up nodejs (8.3.0-1nodesource1~buster1) ...
Installing new version of config file /etc/profile.d/nodejs.sh ...
Processing triggers for man-db (2.7.6.1-2) ...


Yeah, I knowwww... Check that out.... 7,894 kilobytes.... taking 70 minutes to install. Welcome to computing at the speed of abject poverty.

(Not so) funny is that wasn't even the whole download. That was only the last partial of it so the time invested was more than that for that 13.2 megabyte file at day's end. #TrueStory.

PS Last partial... Have I mentioned "abject poverty" yet? It's nothing to have to stop installs for to be able to accomplish something else online at a transfer rate higher than 963 BYTES per second. #EvenTruerStory.

So those last few lines there... I initially did not grasp that part where my packages will no longer only come from Debian secured repositories. That's kinda sorta a little scary and is something everyone must keep in mind 110% of the time during this adventure.

Killed me to do it, but I traveled over to my once former one-liner /etc/apt/sources.list file for to witness it no longer being only one line....

But it still is.

That's because the new repository's indicator was injected into a newly generated file at:

/etc/apt/sources.list.d/nodesource.list

That file in whole says:

deb https://deb.nodesource.com/node_8.x buster main
deb-src https://deb.nodesource.com/node_8.x buster main


I keep forgetting about that "deb-src" part. I need to remind myself what that's about. That wouldn't be thrown in there just because(y) they got a wild hair up their keyboard. There's a rationale behind that, but I've forgotten what that is.

That notation that it [d]etected old npm client, removing is not an advisement that I ever see left in place. It's not hard to imagine that this potentially is what goes on when software is upgraded. Then again, maybe package managers install a whole new instance instead of packing in a new one over top of an existing one.

Except that... no, I've seen the advisements that my apt-get was unpacking new editions actually over top of something already installed under their respective names.

Being so new at this whole node thingy, I don't know if we only ever need one instance of npm... or not. For most of the rest of the packages, it's imperative that we know and control what's there. This would include the fact that you can have many versions of the same named package all residing side by side.

During my initial peer dependencies installation attempts a couple days ago, that's where a major bug was encountered with eslint and webpack. Those two kept narcissistically deleting any of their respective "sibling" packages that they found during the installation process. Yes, that's a #FAIL which in my case caused me to repeatedly go in circles trying to install those two last necessary peer dependencies. *grin*

Then I found a newer npm Github bug that says.... it's not just me. *comforting to know*

Much later that same day.... and mostly just because I had not yet mangled things enough:

npm uninstall --save beaker
npm WARN deprecated isparta-loader@0.2.0: Package is deprecated, use https://github.com/deepsweet/istanbul-instrumenter-loader
npm WARN deprecated jade@1.11.0: Jade has been renamed to pug, please install the latest version of pug instead of jade
npm WARN deprecated bower@1.8.0: ..psst! While Bower is maintained, we recommend Yarn and Webpack for *new* front-end projects! Yarn's advantage is security and reliability, and Webpack's is support for both CommonJS and AMD projects. Currently there's no migration path, but please help to create it: https://github.com/bower/bower/issues/2467
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated transformers@2.1.0: Deprecated, use jstransformer
npm WARN deprecated css-list@0.1.3: Deprecated.
npm WARN deprecated graceful-fs@1.2.3: graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. Use 'npm ls graceful-fs' to find it in the tree.
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm ERR! Unexpected end of input at 1:17415
npm ERR! Shrinkwrap":false},"3.6.1":{"name":"eslint-plugin-react","version":"3
npm ERR!

npm ERR! A complete log of this run can be found in:
npm ERR! /home/[user]/.npm/_logs/2017-08-17T01_39_38_742Z-debug.log


No, actually I'm not sure that I originally installed beaker while using that --save flag. Another tip I gathered somewhere was that you have to or should use the same flag for uninstall that you did for npm install. I don't remember a "why", just that you should.

This is where it starts turning my stomach. I'm not versed at separating my dependencies and such into their respective lumps. Once you can, then it's not so hard to.....

Oh, wait.... maybe that file that's causing so many problems has a clue? *let's check that out*

Now more error looking error chatter:

npm ERR! errno EAI_AGAIN

Without actually going onto any webpages, I'm seeing things like that it's about being behind a proxy and suchly. Since I'm on dialup, maybe it's purely about access, period.

And now another one.... ENOTFOUND

Also not to be forgotten: rollbackFailedOptional.

At day's end, the speed of locally provided dialup started looking like a feasible culprit. Even higher on my list, though, was that I started wondering about a "slashdot effect" on npm. Last night I went ahead and pondered that out loud over at npm's Github. Even from a newbie's perspective, it just seems like a lot of sudden connectivity issues for it to suddenly all only be about the end user.

In the meantime, the glitch... the bug... appeared to be fixable by simply rinse and repeating install attempts until they actually installed successfully. Sometimes it takes more than a few times, but it does seem to work... if you keep plugging on.....

*to be continued...* :)

No comments: