Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

meta git commands fail with Error: spawn EINVAL on latest Node versions in Windows #334

Open
ocsurfnut opened this issue Apr 19, 2024 · 5 comments
Labels

Comments

@ocsurfnut
Copy link

πŸ› Bug Report

╰─❯ meta git pull
Error: spawn EINVAL
    at ChildProcess.spawn (node:internal/child_process:421:11)
    at spawn (node:child_process:761:9)
    at Command.executeSubCommand (C:\Users\WISMITH\AppData\Roaming\npm\node_modules\meta\node_modules\commander\index.js:565:12)
    at Command.parse (C:\Users\WISMITH\AppData\Roaming\npm\node_modules\meta\node_modules\commander\index.js:489:17)
    at exports.run (C:\Users\WISMITH\AppData\Roaming\npm\node_modules\meta\index.js:47:11)
    at Object.<anonymous> (C:\Users\WISMITH\AppData\Roaming\npm\node_modules\meta\bin\meta:8:15)
    at Module._compile (node:internal/modules/cjs/loader:1369:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1427:10)
    at Module.load (node:internal/modules/cjs/loader:1206:32)
    at Module._load (node:internal/modules/cjs/loader:1022:12) {
  errno: -4071,
  code: 'EINVAL',
  syscall: 'spawn'

To Reproduce

Steps to reproduce the behavior:

Start with

╰─❯ node --version
v20.12.2

on a Windows machine

then execute meta git ...

Expected behavior

Command processes as normal.

@ocsurfnut ocsurfnut added the bug label Apr 19, 2024
@ocsurfnut
Copy link
Author

This is due to Node patching CVE-2024-27980 on Windows: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases-2

It can be worked around by adding { shell: true } to any spawn() commands. Since you've got a super old version of commander.js forked, you could add here: https://github.com/mateodelnorte/commander.js/blob/master/index.js#L563 and https://github.com/mateodelnorte/commander.js/blob/master/index.js#L565 .

Made that change locally in node_modules/commander and resolved the issue for me. I would contribute, but I cannot push a branch to your fork.

Incidentally, any plans to update to latest commander.js?

@turejaku
Copy link

Hello,

I'm currently experiencing the same issue.
Is there any chance to fix it in the near future?

@Sumant-HSV
Copy link

Kindly Fix this

@ddc-aaroncope
Copy link

knock knock...anyone maintaining this repo any longer?
image

@navy1978
Copy link

navy1978 commented Oct 8, 2024

Hi, it seems this can be easily fixed :" users can now pass { shell: true } as an option to prevent the occurrence of EINVALs errors."

https://nodejs.org/en/blog/vulnerability/april-2024-security-releases-2

can you please fix it? Or can we create a PR for this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

5 participants