Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency tar to v6.2.1 [SECURITY] #1134

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependency tar to v6.2.1 [SECURITY] #1134

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Apr 14, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
tar 6.2.0 -> 6.2.1 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2024-28863

Description:

During some analysis today on npm's node-tar package I came across the folder creation process, Basicly if you provide node-tar with a path like this ./a/b/c/foo.txt it would create every folder and sub-folder here a, b and c until it reaches the last folder to create foo.txt, In-this case I noticed that there's no validation at all on the amount of folders being created, that said we're actually able to CPU and memory consume the system running node-tar and even crash the nodejs client within few seconds of running it using a path with too many sub-folders inside

Steps To Reproduce:

You can reproduce this issue by downloading the tar file I provided in the resources and using node-tar to extract it, you should get the same behavior as the video

Proof Of Concept:

Here's a video show-casing the exploit:

Impact

Denial of service by crashing the nodejs client when attempting to parse a tar archive, make it run out of heap memory and consuming server CPU and memory resources

Report resources

payload.txt
archeive.tar.gz

Note

This report was originally reported to GitHub bug bounty program, they asked me to report it to you a month ago

Release Notes

isaacs/node-tar (tar)

v6.2.1

Compare Source

Configuration

📅 Schedule: Branch creation - "" in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner April 14, 2024 00:05
@renovate renovate bot added the dependencies Pull requests that update a dependency file label Apr 14, 2024
@renovate renovate bot force-pushed the renovate/npm-tar-vulnerability branch 2 times, most recently from ca309e5 to 0e5b9c7 Compare April 26, 2024 17:56
@renovate renovate bot force-pushed the renovate/npm-tar-vulnerability branch from 0e5b9c7 to 5f6b701 Compare June 4, 2024 17:36
@renovate renovate bot force-pushed the renovate/npm-tar-vulnerability branch from 5f6b701 to 6467a53 Compare July 22, 2024 06:02
@renovate renovate bot force-pushed the renovate/npm-tar-vulnerability branch from 6467a53 to 597f947 Compare August 11, 2024 12:00
@renovate renovate bot force-pushed the renovate/npm-tar-vulnerability branch from 597f947 to c3b8cc9 Compare August 28, 2024 20:52
@renovate renovate bot force-pushed the renovate/npm-tar-vulnerability branch from c3b8cc9 to d4ae7ce Compare October 10, 2024 17:41
@renovate Renovate
Copy link
Author

renovate bot commented Dec 4, 2024
edited
Loading

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock
➤ YN0000: ┌ Resolution step
➤ YN0060: │ divorce-frontend@workspace:. provides mocha (pfc221) with version 9.2.2, which doesn't satisfy what stryker-mocha-framework requests
➤ YN0060: │ divorce-frontend@workspace:. provides mocha (p4e6d5) with version 9.2.2, which doesn't satisfy what stryker-mocha-runner requests
➤ YN0060: │ divorce-frontend@workspace:. provides node-sass (pd6c87) with version 8.0.0, which doesn't satisfy what sass-loader requests
➤ YN0060: │ divorce-frontend@workspace:. provides stryker-api (p695df) with version 0.16.1, which doesn't satisfy what stryker requests
➤ YN0000: │ Some peer dependencies are incorrectly met; run yarn explain peer-requirements <hash> for details, where <hash> is the six-letter p-prefixed code
➤ YN0000: └ Completed in 1s 8ms
➤ YN0000: ┌ Fetch step
➤ YN0013: │ 1827 packages were already cached, 13 had to be fetched
➤ YN0000: └ Completed in 2s 826ms
➤ YN0000: ┌ Link step
➤ YN0007: │ node-sass@npm:8.0.0 must be built because it never has been before or the last one failed
➤ YN0007: │ phantomjs-prebuilt@npm:2.1.16 must be built because it never has been before or the last one failed
➤ YN0008: │ nodemon@npm:1.19.4 must be rebuilt because its dependency tree changed
➤ YN0000: │ nodemon@npm:1.19.4 STDOUT �[32mLove nodemon? You can now support the project via the open collective:�[22m�[39m
➤ YN0000: │ nodemon@npm:1.19.4 STDOUT  > �[96m�[1mhttps://opencollective.com/nodemon/donate�[0m
➤ YN0000: │ nodemon@npm:1.19.4 STDOUT 
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR (node:1548) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR (Use `node --trace-deprecation ...` to show where the warning was created)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDOUT Considering PhantomJS found at /tmp/xfs-cbc67f98/phantomjs
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDOUT Found PhantomJS at /tmp/xfs-cbc67f98/phantomjs ...verifying
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR Error verifying phantomjs, continuing Error: Command failed: /tmp/xfs-cbc67f98/phantomjs --version
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR node:internal/errors:541
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR       throw error;
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR       ^
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR 
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR TypeError [ERR_INVALID_ARG_TYPE]: The "file" argument must be of type string. Received null
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at normalizeSpawnArguments (node:child_process:548:3)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at spawn (node:child_process:754:13)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Object.<anonymous> (/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/phantomjs-prebuilt/bin/phantomjs:22:10)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Module._compile (node:internal/modules/cjs/loader:1378:14)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Module._extensions..js (node:internal/modules/cjs/loader:1437:10)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Module.load (node:internal/modules/cjs/loader:1212:32)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Module._load (node:internal/modules/cjs/loader:1028:12)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:142:12)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at node:internal/main/run_main_module:28:49 {
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   code: 'ERR_INVALID_ARG_TYPE'
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR }
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR 
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR Node.js v21.6.1
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR 
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at genericNodeError (node:internal/errors:984:15)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at wrappedFn (node:internal/errors:538:14)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at ChildProcess.exithandler (node:child_process:422:12)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at ChildProcess.emit (node:events:519:28)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at maybeClose (node:internal/child_process:1105:16)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at ChildProcess._handle.onexit (node:internal/child_process:305:5) {
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   code: 1,
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   killed: false,
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   signal: null,
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   cmd: '/tmp/xfs-cbc67f98/phantomjs --version'
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR }
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDOUT Download already available at /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDOUT Verified checksum of previously downloaded file
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDOUT Extracting tar contents (via spawned process)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR Error extracting archive
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR Phantom installation failed Error: Command failed: tar jxf /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR tar (child): bzip2: Cannot exec: No such file or directory
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR tar (child): Error is not recoverable: exiting now
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR tar: Child returned status 2
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR tar: Error is not recoverable: exiting now
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR 
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at genericNodeError (node:internal/errors:984:15)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at wrappedFn (node:internal/errors:538:14)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at ChildProcess.exithandler (node:child_process:422:12)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at ChildProcess.emit (node:events:519:28)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at maybeClose (node:internal/child_process:1105:16)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Socket.<anonymous> (node:internal/child_process:457:11)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Socket.emit (node:events:519:28)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Pipe.<anonymous> (node:net:337:12) {
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   code: 2,
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   killed: false,
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   signal: null,
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR   cmd: 'tar jxf /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2'
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR } Error: Command failed: tar jxf /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR tar (child): bzip2: Cannot exec: No such file or directory
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR tar (child): Error is not recoverable: exiting now
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR tar: Child returned status 2
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR tar: Error is not recoverable: exiting now
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR 
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at genericNodeError (node:internal/errors:984:15)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at wrappedFn (node:internal/errors:538:14)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at ChildProcess.exithandler (node:child_process:422:12)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at ChildProcess.emit (node:events:519:28)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at maybeClose (node:internal/child_process:1105:16)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Socket.<anonymous> (node:internal/child_process:457:11)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Socket.emit (node:events:519:28)
➤ YN0000: │ phantomjs-prebuilt@npm:2.1.16 STDERR     at Pipe.<anonymous> (node:net:337:12)
➤ YN0009: │ phantomjs-prebuilt@npm:2.1.16 couldn't be built successfully (exit code 1, logs can be found here: /tmp/xfs-fceb8eae/build.log)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT node-sass build Binary found at /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/vendor/linux-x64-120/binding.node
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT Binary found at /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/vendor/linux-x64-120/binding.node
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT Testing binary
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT Binary has a problem: Error: /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/vendor/linux-x64-120/binding.node: file too short
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at Module._extensions..node (node:internal/modules/cjs/loader:1475:18)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at Module.load (node:internal/modules/cjs/loader:1212:32)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at Module._load (node:internal/modules/cjs/loader:1028:12)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at Module.require (node:internal/modules/cjs/loader:1237:19)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at require (node:internal/modules/helpers:176:18)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at module.exports (/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/lib/binding.js:19:10)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at Object.<anonymous> (/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/lib/index.js:13:35)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at Module._compile (node:internal/modules/cjs/loader:1378:14)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at Module._extensions..js (node:internal/modules/cjs/loader:1437:10)
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT     at Module.load (node:internal/modules/cjs/loader:1212:32) {
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT   code: 'ERR_DLOPEN_FAILED'
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT }
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT Building the binary locally
➤ YN0000: │ node-sass@npm:8.0.0 STDOUT Building: /opt/containerbase/tools/node/21.6.1/bin/node /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/bin/node-gyp.js rebuild --verbose --libsass_ext= --libsass_cflags= --libsass_ldflags= --libsass_library=
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info it worked if it ends with ok
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli [
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli   '/opt/containerbase/tools/node/21.6.1/bin/node',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli   '/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/bin/node-gyp.js',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli   'rebuild',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli   '--verbose',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli   '--libsass_ext=',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli   '--libsass_cflags=',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli   '--libsass_ldflags=',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli   '--libsass_library='
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb cli ]
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info using node-gyp@8.4.1
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info using node@21.6.1 | linux | x64
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb command rebuild []
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb command clean []
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb clean removing "build" directory
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb command configure []
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb find Python Python is not set from command line or npm configuration
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb find Python Python is not set from environment variable PYTHON
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb find Python checking if "python3" can be used
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb find Python - executing "python3" to get executable path
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb find Python - executable path is "/usr/bin/python3"
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb find Python - executing "/usr/bin/python3" to get version
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb find Python - version is "3.12.3"
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info find Python using Python version 3.12.3 found at "/usr/bin/python3"
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb get node dir no --target version specified, falling back to host node version: 21.6.1
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb command install [ '21.6.1' ]
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb install input version string "21.6.1"
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb install installing version: 21.6.1
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb install --ensure was passed, so won't reinstall if already installed
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb install version is already installed, need to check "installVersion"
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb got "installVersion" 9
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb needs "installVersion" 9
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb install version is good
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb get node dir target node version installed: 21.6.1
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb build dir attempting to create "build" dir: /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/build
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb build dir "build" dir needed to be created? Yes
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb build/config.gypi creating config file
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb build/config.gypi writing out config file: /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/build/config.gypi
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb config.gypi checking for gypi file: /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/config.gypi
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb common.gypi checking for gypi file: /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/common.gypi
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp verb gyp gyp format was not specified; forcing "make"
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn /usr/bin/python3
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args [
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/gyp/gyp_main.py',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   'binding.gyp',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-f',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   'make',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-I',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/build/config.gypi',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-I',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/addon.gypi',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-I',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '/home/ubuntu/.cache/node-gyp/21.6.1/include/node/common.gypi',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-Dlibrary=shared_library',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-Dvisibility=default',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-Dnode_root_dir=/home/ubuntu/.cache/node-gyp/21.6.1',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-Dnode_gyp_dir=/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-Dnode_lib_file=/home/ubuntu/.cache/node-gyp/21.6.1/<(target_arch)/node.lib',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-Dmodule_root_dir=/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-Dnode_engine=v8',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '--depth=.',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '--no-parallel',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '--generator-output',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   'build',
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args   '-Goutput_dir=.'
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp info spawn args ]
➤ YN0000: │ node-sass@npm:8.0.0 STDERR Traceback (most recent call last):
➤ YN0000: │ node-sass@npm:8.0.0 STDERR   File "/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/gyp/gyp_main.py", line 42, in <module>
➤ YN0000: │ node-sass@npm:8.0.0 STDERR     import gyp  # noqa: E402
➤ YN0000: │ node-sass@npm:8.0.0 STDERR     ^^^^^^^^^^
➤ YN0000: │ node-sass@npm:8.0.0 STDERR   File "/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/gyp/pylib/gyp/__init__.py", line 9, in <module>
➤ YN0000: │ node-sass@npm:8.0.0 STDERR     import gyp.input
➤ YN0000: │ node-sass@npm:8.0.0 STDERR   File "/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/gyp/pylib/gyp/input.py", line 19, in <module>
➤ YN0000: │ node-sass@npm:8.0.0 STDERR     from distutils.version import StrictVersion
➤ YN0000: │ node-sass@npm:8.0.0 STDERR ModuleNotFoundError: No module named 'distutils'
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! configure error 
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! stack Error: `gyp` failed with exit code: 1
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! stack     at ChildProcess.onCpExit (/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/lib/configure.js:259:16)
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! stack     at ChildProcess.emit (node:events:519:28)
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! stack     at ChildProcess._handle.onexit (node:internal/child_process:294:12)
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! System Linux 6.1.102
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! command "/opt/containerbase/tools/node/21.6.1/bin/node" "/tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass/node_modules/node-gyp/bin/node-gyp.js" "rebuild" "--verbose" "--libsass_ext=" "--libsass_cflags=" "--libsass_ldflags=" "--libsass_library="
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! cwd /tmp/renovate/repos/github/hmcts/div-petitioner-frontend/node_modules/node-sass
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! node -v v21.6.1
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! node-gyp -v v8.4.1
➤ YN0000: │ node-sass@npm:8.0.0 STDERR gyp ERR! not ok 
➤ YN0000: │ node-sass@npm:8.0.0 STDERR Build failed with error code: 1
➤ YN0009: │ node-sass@npm:8.0.0 couldn't be built successfully (exit code 1, logs can be found here: /tmp/xfs-8e909841/build.log)
➤ YN0000: └ Completed in 6s 572ms
➤ YN0000: Failed with errors in 10s 789ms

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants