audit returns `Unexpected audit response (Missing Metadata): false` #6607

gabegorelick · 2018-10-31T15:54:11Z

Do you want to request a feature or report a bug?

Bug

What is the current behavior?

$ yarn audit
yarn audit v1.12.1
error An unexpected error occurred: "Unexpected audit response (Missing Metadata): false".
info If you think this is a bug, please open a bug report with the information provided in "/Users/gabe/code/pushbot-api/yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/audit for documentation about this command.

If the current behavior is a bug, please provide the steps to reproduce.

Run yarn audit.

What is the expected behavior?

No error. Or provide docs on how to resolve if it is a setup issue (yarnpkg/website#877).

Please mention your node.js, yarn and operating system version.
Node: v8.12.0
Yarn: v1.12.1 (installed via Homebrew)
OS: macOS

The text was updated successfully, but these errors were encountered:

arcanis · 2018-10-31T16:46:00Z

Ping @rally25rs - I know that the npm registry often yields 500, maybe it's what happens there and we don't properly catch it?

rally25rs · 2018-10-31T17:09:18Z

If you run with --verbose you can get the message that we sent to the npm registry, and it's response.

Also, please provide your dependencies.

bugzpodder · 2018-10-31T20:42:32Z

When I run yarn --audit, it says 1 vulnerbility is detected and asked me to run yarn audit.
I did so and go the same error.

verbose 2.423 Performing "POST" request to "https://registry.yarnpkg.com/-/npm/v1/security/audits". verbose 2.895 Request "https://registry.yarnpkg.com/-/npm/v1/security/audits" finished with status code 400. verbose 2.9 Error: Unexpected audit response (Missing Metadata): false at Audit.<anonymous> (/usr/local/Cellar/yarn/1.12.1/libexec/lib/cli.js:56117:15) at Generator.next (<anonymous>) at step (/usr/local/Cellar/yarn/1.12.1/libexec/lib/cli.js:92:30) at /usr/local/Cellar/yarn/1.12.1/libexec/lib/cli.js:103:13 at <anonymous> at process._tickCallback (internal/process/next_tick.js:188:7) error An unexpected error occurred: "Unexpected audit response (Missing Metadata): false".

arcanis · 2018-10-31T20:56:05Z

@bugzpodder As @rally25rs mentioned, the package.json and yarn.lock would be helpful 🙂

gabegorelick · 2018-10-31T21:34:32Z

Here's the output from --verbose:

verbose 1.735 Performing "POST" request to "https://registry.yarnpkg.com/-/npm/v1/security/audits".
verbose 2.288 Request "https://registry.yarnpkg.com/-/npm/v1/security/audits" finished with status code 400.
verbose 2.289 Error: Unexpected audit response (Missing Metadata): false
    at Audit.<anonymous> (/usr/local/Cellar/yarn/1.12.1/libexec/lib/cli.js:56117:15)
    at Generator.next (<anonymous>)
    at step (/usr/local/Cellar/yarn/1.12.1/libexec/lib/cli.js:92:30)
    at /usr/local/Cellar/yarn/1.12.1/libexec/lib/cli.js:103:13
    at <anonymous>
    at process._tickCallback (internal/process/next_tick.js:189:7)
error An unexpected error occurred: "Unexpected audit response (Missing Metadata): false".
info If you think this is a bug, please open a bug report with the information provided in "/Users/gabe/code/pushbot-api/yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/audit for documentation about this command.

Sorry, I can't post my package.json. But it is something about the deps since yarn audit works for other package.jsons I test. I'll try to minimize my package.json contents to get a minimal test case.

gabegorelick · 2018-10-31T21:39:29Z

npm audit is also working for the same package.json.

gabegorelick · 2018-10-31T22:31:10Z

Able to reproduce with the following package.json:

{
  "dependencies": {
    "textract": "2.1.2"
  }
}

yarn.lock:

# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# yarn lockfile v1


adler-32@, adler-32@~1.2.0:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/adler-32/-/adler-32-1.2.0.tgz#6a3e6bf0a63900ba15652808cb15c6813d1a5f25"
  integrity sha1-aj5r8KY5ALoVZSgIyxXGgT0aXyU=
  dependencies:
    exit-on-epipe "~1.0.1"
    printj "~1.1.0"

array-find-index@^1.0.1:
  version "1.0.2"
  resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1"
  integrity sha1-3wEKoSh+Fku9pvlyOwqWoexBh6E=

[email protected]:
  version "0.2.1"
  resolved "https://registry.yarnpkg.com/babyparse/-/babyparse-0.2.1.tgz#069f035df3fdce6f3a455dd5dafc75178dcf3760"
  integrity sha1-Bp8DXfP9zm86RV3V2vx1F43PN2A=

boolbase@~1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/boolbase/-/boolbase-1.0.0.tgz#68dff5fbe60c51eb37725ea9e3ed310dcc1e776e"
  integrity sha1-aN/1++YMUes3cl6p4+0xDcwed24=

buffer-crc32@~0.2.3:
  version "0.2.13"
  resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242"
  integrity sha1-DTM+PwDqxQqhRUq9MO+MKl2ackI=

buffer-from@^1.0.0:
  version "1.1.1"
  resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.1.tgz#32713bc028f75c02fdb710d7c7bcec1f2c6070ef"
  integrity sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==

builtin-modules@^1.0.0:
  version "1.1.1"
  resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f"
  integrity sha1-Jw8HbFpywC9bZaR9+Uxf46J4iS8=

camelcase-keys@^2.0.0:
  version "2.1.0"
  resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7"
  integrity sha1-MIvur/3ygRkFHvodkyITyRuPkuc=
  dependencies:
    camelcase "^2.0.0"
    map-obj "^1.0.0"

camelcase@^2.0.0:
  version "2.1.1"
  resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f"
  integrity sha1-fB0W1nmhu+WcoCys7PsBHiAfWh8=

capture-stack-trace@^1.0.0:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/capture-stack-trace/-/capture-stack-trace-1.0.1.tgz#a6c0bbe1f38f3aa0b92238ecb6ff42c344d4135d"
  integrity sha512-mYQLZnx5Qt1JgB1WEiMCf2647plpGeQ2NMR/5L0HNZzGQo4fuSPnK+wjfPnKZV0aiJDgzmWqqkV/g7JD+DW0qw==

cfb@>=0.10.0:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/cfb/-/cfb-1.1.0.tgz#44fb1b30eee014fa5633a0ed5f26c87fd765799a"
  integrity sha512-ZqfxNGWTMKhd0a/n6YKJLq8hWbd5kR3cA4kXwUj9vVEdHlwJ09werR8gN15Z7Y1FTXqdD6dE3GGCxv4uc28raA==
  dependencies:
    adler-32 "~1.2.0"
    commander "^2.16.0"
    crc-32 "~1.2.0"
    printj "~1.1.2"

cfb@~0.11.0:
  version "0.11.1"
  resolved "https://registry.yarnpkg.com/cfb/-/cfb-0.11.1.tgz#a96db8f272a6c3fb99dbbb23ef41223f48be1ea7"
  integrity sha1-qW248nKmw/uZ27sj70EiP0i+Hqc=
  dependencies:
    commander ""

[email protected]:
  version "0.22.0"
  resolved "https://registry.yarnpkg.com/cheerio/-/cheerio-0.22.0.tgz#a9baa860a3f9b595a6b81b1a86873121ed3a269e"
  integrity sha1-qbqoYKP5tZWmuBsahocxIe06Jp4=
  dependencies:
    css-select "~1.2.0"
    dom-serializer "~0.1.0"
    entities "~1.1.1"
    htmlparser2 "^3.9.1"
    lodash.assignin "^4.0.9"
    lodash.bind "^4.1.4"
    lodash.defaults "^4.0.1"
    lodash.filter "^4.4.0"
    lodash.flatten "^4.2.0"
    lodash.foreach "^4.3.0"
    lodash.map "^4.4.0"
    lodash.merge "^4.4.0"
    lodash.pick "^4.2.1"
    lodash.reduce "^4.4.0"
    lodash.reject "^4.4.0"
    lodash.some "^4.4.0"

codepage@:
  version "1.14.0"
  resolved "https://registry.yarnpkg.com/codepage/-/codepage-1.14.0.tgz#8cbe25481323559d7d307571b0fff91e7a1d2f99"
  integrity sha1-jL4lSBMjVZ19MHVxsP/5HnodL5k=
  dependencies:
    commander "~2.14.1"
    exit-on-epipe "~1.0.1"

codepage@~1.3.6:
  version "1.3.8"
  resolved "https://registry.yarnpkg.com/codepage/-/codepage-1.3.8.tgz#4f2e5d7c0975de28f88498058dcb5afcab6a5f71"
  integrity sha1-Ty5dfAl13ij4hJgFjcta/KtqX3E=
  dependencies:
    commander ""
    concat-stream ""
    voc ""

[email protected]:
  version "0.6.2"
  resolved "https://registry.yarnpkg.com/colors/-/colors-0.6.2.tgz#2423fe6678ac0c5dae8852e5d0e5be08c997abcc"
  integrity sha1-JCP+ZnisDF2uiFLl0OW+CMmXq8w=

commander@, commander@^2.16.0:
  version "2.19.0"
  resolved "https://registry.yarnpkg.com/commander/-/commander-2.19.0.tgz#f6198aa84e5b83c46054b94ddedbfed5ee9ff12a"
  integrity sha512-6tvAOO+D6OENvRAh524Dh9jcfKTYDQAqvqezbCW82xj5X0pSrcpxtvRKHLG0yBY6SD7PSDrJaj+0AiOcKVd1Xg==

commander@~2.14.1:
  version "2.14.1"
  resolved "https://registry.yarnpkg.com/commander/-/commander-2.14.1.tgz#2235123e37af8ca3c65df45b026dbd357b01b9aa"
  integrity sha512-+YR16o3rK53SmWHU3rEM3tPAh2rwb1yPcQX5irVn7mb0gXbwuCCrnkbV5+PBfETdfg1vui07nM6PCG1zndcjQw==

concat-stream@:
  version "1.6.2"
  resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34"
  integrity sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==
  dependencies:
    buffer-from "^1.0.0"
    inherits "^2.0.3"
    readable-stream "^2.2.2"
    typedarray "^0.0.6"

core-util-is@~1.0.0:
  version "1.0.2"
  resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
  integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=

crc-32@, crc-32@~1.2.0:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/crc-32/-/crc-32-1.2.0.tgz#cb2db6e29b88508e32d9dd0ec1693e7b41a18208"
  integrity sha512-1uBwHxF+Y/4yF5G48fwnKq6QsIXheor3ZLPT80yGBV1oEUwpPojlEhQbWKVw1VwcTQyMGHK1/XMmTjmlsmTTGA==
  dependencies:
    exit-on-epipe "~1.0.1"
    printj "~1.1.0"

create-error-class@^3.0.1:
  version "3.0.2"
  resolved "https://registry.yarnpkg.com/create-error-class/-/create-error-class-3.0.2.tgz#06be7abef947a3f14a30fd610671d401bca8b7b6"
  integrity sha1-Br56vvlHo/FKMP1hBnHUAbyot7Y=
  dependencies:
    capture-stack-trace "^1.0.0"

css-select@~1.2.0:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/css-select/-/css-select-1.2.0.tgz#2b3a110539c5355f1cd8d314623e870b121ec858"
  integrity sha1-KzoRBTnFNV8c2NMUYj6HCxIeyFg=
  dependencies:
    boolbase "~1.0.0"
    css-what "2.1"
    domutils "1.5.1"
    nth-check "~1.0.1"

[email protected]:
  version "2.1.2"
  resolved "https://registry.yarnpkg.com/css-what/-/css-what-2.1.2.tgz#c0876d9d0480927d7d4920dcd72af3595649554d"
  integrity sha512-wan8dMWQ0GUeF7DGEPVjhHemVW/vy6xUYmFzRY8RYqgA0JtXC9rJmbScBjqSu6dg9q0lwPQy6ZAmJVr3PPTvqQ==

currently-unhandled@^0.4.1:
  version "0.4.1"
  resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea"
  integrity sha1-mI3zP+qxke95mmE2nddsF635V+o=
  dependencies:
    array-find-index "^1.0.1"

decamelize@^1.1.2:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290"
  integrity sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=

dom-serializer@0, dom-serializer@~0.1.0:
  version "0.1.0"
  resolved "https://registry.yarnpkg.com/dom-serializer/-/dom-serializer-0.1.0.tgz#073c697546ce0780ce23be4a28e293e40bc30c82"
  integrity sha1-BzxpdUbOB4DOI75KKOKT5AvDDII=
  dependencies:
    domelementtype "~1.1.1"
    entities "~1.1.1"

domelementtype@1:
  version "1.2.1"
  resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-1.2.1.tgz#578558ef23befac043a1abb0db07635509393479"
  integrity sha512-SQVCLFS2E7G5CRCMdn6K9bIhRj1bS6QBWZfF0TUPh4V/BbqrQ619IdSS3/izn0FZ+9l+uODzaZjb08fjOfablA==

domelementtype@^1.3.0:
  version "1.3.0"
  resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-1.3.0.tgz#b17aed82e8ab59e52dd9c19b1756e0fc187204c2"
  integrity sha1-sXrtguirWeUt2cGbF1bg/BhyBMI=

domelementtype@~1.1.1:
  version "1.1.3"
  resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-1.1.3.tgz#bd28773e2642881aec51544924299c5cd822185b"
  integrity sha1-vSh3PiZCiBrsUVRJJCmcXNgiGFs=

domhandler@^2.3.0:
  version "2.4.2"
  resolved "https://registry.yarnpkg.com/domhandler/-/domhandler-2.4.2.tgz#8805097e933d65e85546f726d60f5eb88b44f803"
  integrity sha512-JiK04h0Ht5u/80fdLMCEmV4zkNh2BcoMFBmZ/91WtYZ8qVXSKjiw7fXMgFPnHcSZgOo3XdinHvmnDUeMf5R4wA==
  dependencies:
    domelementtype "1"

[email protected]:
  version "1.5.1"
  resolved "https://registry.yarnpkg.com/domutils/-/domutils-1.5.1.tgz#dcd8488a26f563d61079e48c9f7b7e32373682cf"
  integrity sha1-3NhIiib1Y9YQeeSMn3t+Mjc2gs8=
  dependencies:
    dom-serializer "0"
    domelementtype "1"

domutils@^1.5.1:
  version "1.7.0"
  resolved "https://registry.yarnpkg.com/domutils/-/domutils-1.7.0.tgz#56ea341e834e06e6748af7a1cb25da67ea9f8c2a"
  integrity sha512-Lgd2XcJ/NjEw+7tFvfKxOzCYKZsdct5lczQ2ZaQY8Djz7pfAD3Gbp8ySJWtreII/vDlMVmxwa6pHmdxIYgttDg==
  dependencies:
    dom-serializer "0"
    domelementtype "1"

duplexer2@^0.1.4:
  version "0.1.4"
  resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1"
  integrity sha1-ixLauHjA1p4+eJEFFmKjL8a93ME=
  dependencies:
    readable-stream "^2.0.2"

entities@^1.1.1, entities@~1.1.1:
  version "1.1.2"
  resolved "https://registry.yarnpkg.com/entities/-/entities-1.1.2.tgz#bdfa735299664dfafd34529ed4f8522a275fea56"
  integrity sha512-f2LZMYl1Fzu7YSBKg+RoROelpOaNrcGmE9AZubeDfrCEia483oW4MI4VyFd5VNHIgQ/7qm1I0wUHK1eJnn2y2w==

error-ex@^1.2.0:
  version "1.3.2"
  resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.2.tgz#b4ac40648107fdcdcfae242f428bea8a14d4f1bf"
  integrity sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==
  dependencies:
    is-arrayish "^0.2.1"

exit-on-epipe@, exit-on-epipe@~1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/exit-on-epipe/-/exit-on-epipe-1.0.1.tgz#0bdd92e87d5285d267daa8171d0eb06159689692"
  integrity sha512-h2z5mrROTxce56S+pnvAV890uu7ls7f1kEvVGJbw1OlFH3/mlJ5bkXu0KRyW94v37zzHPiUd55iLn3DA7TjWpw==

fd-slicer@~1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.0.1.tgz#8b5bcbd9ec327c5041bf9ab023fd6750f1177e65"
  integrity sha1-i1vL2ewyfFBBv5qwI/1nUPEXfmU=
  dependencies:
    pend "~1.2.0"

find-up@^1.0.0:
  version "1.1.2"
  resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f"
  integrity sha1-ay6YIrGizgpgq2TWEOzK1TyyTQ8=
  dependencies:
    path-exists "^2.0.0"
    pinkie-promise "^2.0.0"

[email protected]:
  version "0.3.1"
  resolved "https://registry.yarnpkg.com/frac/-/frac-0.3.1.tgz#577677b7fdcbe6faf7c461f1801d34137cda4354"
  integrity sha1-V3Z3t/3L5vr3xGHxgB00E3zaQ1Q=

get-stdin@^4.0.1:
  version "4.0.1"
  resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe"
  integrity sha1-uWjGsKBDhDJJAui/Gl3zJXmkUP4=

[email protected]:
  version "5.7.1"
  resolved "https://registry.yarnpkg.com/got/-/got-5.7.1.tgz#5f81635a61e4a6589f180569ea4e381680a51f35"
  integrity sha1-X4FjWmHkplifGAVp6k44FoClHzU=
  dependencies:
    create-error-class "^3.0.1"
    duplexer2 "^0.1.4"
    is-redirect "^1.0.0"
    is-retry-allowed "^1.0.0"
    is-stream "^1.0.0"
    lowercase-keys "^1.0.0"
    node-status-codes "^1.0.0"
    object-assign "^4.0.1"
    parse-json "^2.1.0"
    pinkie-promise "^2.0.0"
    read-all-stream "^3.0.0"
    readable-stream "^2.0.5"
    timed-out "^3.0.0"
    unzip-response "^1.0.2"
    url-parse-lax "^1.0.0"

graceful-fs@^4.1.2:
  version "4.1.11"
  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658"
  integrity sha1-Dovf5NHduIVNZOBOp8AOKgJuVlg=

harb@~0.0.5:
  version "0.0.7"
  resolved "https://registry.yarnpkg.com/harb/-/harb-0.0.7.tgz#da516f41a954ac5e17093c00185b8a789c84e09a"
  integrity sha1-2lFvQalUrF4XCTwAGFuKeJyE4Jo=
  dependencies:
    babyparse "0.2.1"
    codepage ""
    commander ""
    ssf "0.8.2"

hosted-git-info@^2.1.4:
  version "2.7.1"
  resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.7.1.tgz#97f236977bd6e125408930ff6de3eec6281ec047"
  integrity sha512-7T/BxH19zbcCTa8XkMlbK5lTo1WtgkFi3GvdWEyNuc4Vex7/9Dqbnpsf4JMydcfj9HCg4zUWFTL3Za6lapg5/w==

[email protected]:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-1.2.0.tgz#41948caf85ce82fed36e4e6a0ed371a6664379e2"
  integrity sha1-QZSMr4XOgv7Tbk5qDtNxpmZDeeI=

htmlparser2@^3.9.1:
  version "3.10.0"
  resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.10.0.tgz#5f5e422dcf6119c0d983ed36260ce9ded0bee464"
  integrity sha512-J1nEUGv+MkXS0weHNWVKJJ+UrLfePxRWpN3C9bEi9fLxL2+ggW94DQvgYVXsaT30PGwYRIZKNZXuyMhp3Di4bQ==
  dependencies:
    domelementtype "^1.3.0"
    domhandler "^2.3.0"
    domutils "^1.5.1"
    entities "^1.1.1"
    inherits "^2.0.1"
    readable-stream "^3.0.6"

[email protected]:
  version "0.4.15"
  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.15.tgz#fe265a218ac6a57cfe854927e9d04c19825eddeb"
  integrity sha1-/iZaIYrGpXz+hUkn6dBMGYJe3es=

indent-string@^2.1.0:
  version "2.1.0"
  resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80"
  integrity sha1-ji1INIdCEhtKghi3oTfppSBJ3IA=
  dependencies:
    repeating "^2.0.0"

inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.3:
  version "2.0.3"
  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
  integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=

is-arrayish@^0.2.1:
  version "0.2.1"
  resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d"
  integrity sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=

is-builtin-module@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe"
  integrity sha1-VAVy0096wxGfj3bDDLwbHgN6/74=
  dependencies:
    builtin-modules "^1.0.0"

is-finite@^1.0.0:
  version "1.0.2"
  resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa"
  integrity sha1-zGZ3aVYCvlUO8R6LSqYwU0K20Ko=
  dependencies:
    number-is-nan "^1.0.0"

is-redirect@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/is-redirect/-/is-redirect-1.0.0.tgz#1d03dded53bd8db0f30c26e4f95d36fc7c87dc24"
  integrity sha1-HQPd7VO9jbDzDCbk+V02/HyH3CQ=

is-retry-allowed@^1.0.0:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz#11a060568b67339444033d0125a61a20d564fb34"
  integrity sha1-EaBgVotnM5REAz0BJaYaINVk+zQ=

is-stream@^1.0.0:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44"
  integrity sha1-EtSj3U5o4Lec6428hBc66A2RykQ=

is-utf8@^0.2.0:
  version "0.2.1"
  resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72"
  integrity sha1-Sw2hRCEE0bM2NA6AeX6GXPOffXI=

isarray@~1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
  integrity sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=

[email protected]:
  version "0.4.3"
  resolved "https://registry.yarnpkg.com/j/-/j-0.4.3.tgz#6cf643541bd9f5da2ecc61957ab1757fd22d6835"
  integrity sha1-bPZDVBvZ9douzGGVerF1f9ItaDU=
  dependencies:
    commander ""
    concat-stream ""
    harb "~0.0.5"
    xlsjs "~0.7.1"
    xlsx "~0.7.11"

[email protected]:
  version "1.4.1"
  resolved "https://registry.yarnpkg.com/jschardet/-/jschardet-1.4.1.tgz#5e0f8966ddbe897f6d287e2196bfe0cf3a0090ec"
  integrity sha1-Xg+JZt2+iX9tKH4hlr/gzzoAkOw=

[email protected]:
  version "2.4.0"
  resolved "https://registry.yarnpkg.com/jszip/-/jszip-2.4.0.tgz#487a93b76c3bffa6cb085cd61eb934eabe2d294f"
  integrity sha1-SHqTt2w7/6bLCFzWHrk06r4tKU8=
  dependencies:
    pako "~0.2.5"

load-json-file@^1.0.0:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0"
  integrity sha1-lWkFcI1YtLq0wiYbBPWfMcmTdMA=
  dependencies:
    graceful-fs "^4.1.2"
    parse-json "^2.2.0"
    pify "^2.0.0"
    pinkie-promise "^2.0.0"
    strip-bom "^2.0.0"

lodash.assignin@^4.0.9:
  version "4.2.0"
  resolved "https://registry.yarnpkg.com/lodash.assignin/-/lodash.assignin-4.2.0.tgz#ba8df5fb841eb0a3e8044232b0e263a8dc6a28a2"
  integrity sha1-uo31+4QesKPoBEIysOJjqNxqKKI=

lodash.bind@^4.1.4:
  version "4.2.1"
  resolved "https://registry.yarnpkg.com/lodash.bind/-/lodash.bind-4.2.1.tgz#7ae3017e939622ac31b7d7d7dcb1b34db1690d35"
  integrity sha1-euMBfpOWIqwxt9fX3LGzTbFpDTU=

lodash.defaults@^4.0.1:
  version "4.2.0"
  resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-4.2.0.tgz#d09178716ffea4dde9e5fb7b37f6f0802274580c"
  integrity sha1-0JF4cW/+pN3p5ft7N/bwgCJ0WAw=

lodash.filter@^4.4.0:
  version "4.6.0"
  resolved "https://registry.yarnpkg.com/lodash.filter/-/lodash.filter-4.6.0.tgz#668b1d4981603ae1cc5a6fa760143e480b4c4ace"
  integrity sha1-ZosdSYFgOuHMWm+nYBQ+SAtMSs4=

lodash.flatten@^4.2.0:
  version "4.4.0"
  resolved "https://registry.yarnpkg.com/lodash.flatten/-/lodash.flatten-4.4.0.tgz#f31c22225a9632d2bbf8e4addbef240aa765a61f"
  integrity sha1-8xwiIlqWMtK7+OSt2+8kCqdlph8=

lodash.foreach@^4.3.0:
  version "4.5.0"
  resolved "https://registry.yarnpkg.com/lodash.foreach/-/lodash.foreach-4.5.0.tgz#1a6a35eace401280c7f06dddec35165ab27e3e53"
  integrity sha1-Gmo16s5AEoDH8G3d7DUWWrJ+PlM=

lodash.map@^4.4.0:
  version "4.6.0"
  resolved "https://registry.yarnpkg.com/lodash.map/-/lodash.map-4.6.0.tgz#771ec7839e3473d9c4cde28b19394c3562f4f6d3"
  integrity sha1-dx7Hg540c9nEzeKLGTlMNWL09tM=

lodash.merge@^4.4.0:
  version "4.6.1"
  resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.1.tgz#adc25d9cb99b9391c59624f379fbba60d7111d54"
  integrity sha512-AOYza4+Hf5z1/0Hztxpm2/xiPZgi/cjMqdnKTUWTBSKchJlxXXuUSxCCl8rJlf4g6yww/j6mA8nC8Hw/EZWxKQ==

lodash.pick@^4.2.1:
  version "4.4.0"
  resolved "https://registry.yarnpkg.com/lodash.pick/-/lodash.pick-4.4.0.tgz#52f05610fff9ded422611441ed1fc123a03001b3"
  integrity sha1-UvBWEP/53tQiYRRB7R/BI6AwAbM=

lodash.reduce@^4.4.0:
  version "4.6.0"
  resolved "https://registry.yarnpkg.com/lodash.reduce/-/lodash.reduce-4.6.0.tgz#f1ab6b839299ad48f784abbf476596f03b914d3b"
  integrity sha1-8atrg5KZrUj3hKu/R2WW8DuRTTs=

lodash.reject@^4.4.0:
  version "4.6.0"
  resolved "https://registry.yarnpkg.com/lodash.reject/-/lodash.reject-4.6.0.tgz#80d6492dc1470864bbf583533b651f42a9f52415"
  integrity sha1-gNZJLcFHCGS79YNTO2UfQqn1JBU=

lodash.some@^4.4.0:
  version "4.6.0"
  resolved "https://registry.yarnpkg.com/lodash.some/-/lodash.some-4.6.0.tgz#1bb9f314ef6b8baded13b549169b2a945eb68e4d"
  integrity sha1-G7nzFO9ri63tE7VJFpsqlF62jk0=

loud-rejection@^1.0.0:
  version "1.6.0"
  resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f"
  integrity sha1-W0b4AUft7leIcPCG0Eghz5mOVR8=
  dependencies:
    currently-unhandled "^0.4.1"
    signal-exit "^3.0.0"

lowercase-keys@^1.0.0:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.1.tgz#6f9e30b47084d971a7c820ff15a6c5167b74c26f"
  integrity sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA==

map-obj@^1.0.0, map-obj@^1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d"
  integrity sha1-2TPOuSBdgr3PSIb2dCvcK03qFG0=

[email protected]:
  version "0.3.6"
  resolved "https://registry.yarnpkg.com/marked/-/marked-0.3.6.tgz#b2c6c618fccece4ef86c4fc6cb8a7cbf5aeda8d7"
  integrity sha1-ssbGGPzOzk74bE/Gy4p8v1rtqNc=

[email protected]:
  version "3.7.0"
  resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb"
  integrity sha1-cstmi0JSKCkKu/qFaJJYcwioAfs=
  dependencies:
    camelcase-keys "^2.0.0"
    decamelize "^1.1.2"
    loud-rejection "^1.0.0"
    map-obj "^1.0.1"
    minimist "^1.1.3"
    normalize-package-data "^2.3.4"
    object-assign "^4.0.1"
    read-pkg-up "^1.0.1"
    redent "^1.0.0"
    trim-newlines "^1.0.0"

[email protected]:
  version "1.3.4"
  resolved "https://registry.yarnpkg.com/mime/-/mime-1.3.4.tgz#115f9e3b6b3daf2959983cb38f149a2d40eb5d53"
  integrity sha1-EV+eO2s9rylZmDyzjxSaLUDrXVM=

minimist@^1.1.3:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284"
  integrity sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=

node-status-codes@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/node-status-codes/-/node-status-codes-1.0.0.tgz#5ae5541d024645d32a58fcddc9ceecea7ae3ac2f"
  integrity sha1-WuVUHQJGRdMqWPzdyc7s6nrjrC8=

normalize-package-data@^2.3.2, normalize-package-data@^2.3.4:
  version "2.4.0"
  resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.4.0.tgz#12f95a307d58352075a04907b84ac8be98ac012f"
  integrity sha512-9jjUFbTPfEy3R/ad/2oNbKtW9Hgovl5O1FvFWKkKblNXoN/Oou6+9+KKohPK13Yc3/TyunyWhJp6gvRNR/PPAw==
  dependencies:
    hosted-git-info "^2.1.4"
    is-builtin-module "^1.0.0"
    semver "2 || 3 || 4 || 5"
    validate-npm-package-license "^3.0.1"

nth-check@~1.0.1:
  version "1.0.2"
  resolved "https://registry.yarnpkg.com/nth-check/-/nth-check-1.0.2.tgz#b2bd295c37e3dd58a3bf0700376663ba4d9cf05c"
  integrity sha512-WeBOdju8SnzPN5vTUJYxYUxLeXpCaVP5i5e0LF8fg7WORF2Wd7wFX/pk0tYZk7s8T+J7VLy0Da6J1+wCT0AtHg==
  dependencies:
    boolbase "~1.0.0"

number-is-nan@^1.0.0:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d"
  integrity sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=

object-assign@^4.0.1:
  version "4.1.1"
  resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863"
  integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=

pako@~0.2.5:
  version "0.2.9"
  resolved "https://registry.yarnpkg.com/pako/-/pako-0.2.9.tgz#f3f7522f4ef782348da8161bad9ecfd51bf83a75"
  integrity sha1-8/dSL073gjSNqBYbrZ7P1Rv4OnU=

parse-json@^2.1.0, parse-json@^2.2.0:
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9"
  integrity sha1-9ID0BDTvgHQfhGkJn43qGPVaTck=
  dependencies:
    error-ex "^1.2.0"

path-exists@^2.0.0:
  version "2.1.0"
  resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b"
  integrity sha1-D+tsZPD8UY2adU3V77YscCJ2H0s=
  dependencies:
    pinkie-promise "^2.0.0"

path-type@^1.0.0:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441"
  integrity sha1-WcRPfuSR2nBNpBXaWkBwuk+P5EE=
  dependencies:
    graceful-fs "^4.1.2"
    pify "^2.0.0"
    pinkie-promise "^2.0.0"

[email protected]:
  version "1.3.1"
  resolved "https://registry.yarnpkg.com/pdf-text-extract/-/pdf-text-extract-1.3.1.tgz#a5b232ad9850949d77c435e5f44fe0d105435840"
  integrity sha1-pbIyrZhQlJ13xDXl9E/g0QVDWEA=
  dependencies:
    yargs "^1.2.5"

pend@~1.2.0:
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50"
  integrity sha1-elfrVQpng/kRUzH89GY9XI4AelA=

pify@^2.0.0:
  version "2.3.0"
  resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c"
  integrity sha1-7RQaasBDqEnqWISY59yosVMw6Qw=

pinkie-promise@^2.0.0:
  version "2.0.1"
  resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa"
  integrity sha1-ITXW36ejWMBprJsXh3YogihFD/o=
  dependencies:
    pinkie "^2.0.0"

pinkie@^2.0.0:
  version "2.0.4"
  resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870"
  integrity sha1-clVrgM+g1IqXToDnckjoDtT3+HA=

prepend-http@^1.0.1:
  version "1.0.4"
  resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc"
  integrity sha1-1PRWKwzjaW5BrFLQ4ALlemNdxtw=

printj@~1.1.0, printj@~1.1.2:
  version "1.1.2"
  resolved "https://registry.yarnpkg.com/printj/-/printj-1.1.2.tgz#d90deb2975a8b9f600fb3a1c94e3f4c53c78a222"
  integrity sha512-zA2SmoLaxZyArQTOPj5LXecR+RagfPSU5Kw1qP+jkWeNlrq+eJZyY2oS68SU1Z/7/myXM4lo9716laOFAVStCQ==

process-nextick-args@~2.0.0:
  version "2.0.0"
  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
  integrity sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw==

read-all-stream@^3.0.0:
  version "3.1.0"
  resolved "https://registry.yarnpkg.com/read-all-stream/-/read-all-stream-3.1.0.tgz#35c3e177f2078ef789ee4bfafa4373074eaef4fa"
  integrity sha1-NcPhd/IHjveJ7kv6+kNzB06u9Po=
  dependencies:
    pinkie-promise "^2.0.0"
    readable-stream "^2.0.0"

read-pkg-up@^1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02"
  integrity sha1-nWPBMnbAZZGNV/ACpX9AobZD+wI=
  dependencies:
    find-up "^1.0.0"
    read-pkg "^1.0.0"

read-pkg@^1.0.0:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28"
  integrity sha1-9f+qXs0pyzHAR0vKfXVra7KePyg=
  dependencies:
    load-json-file "^1.0.0"
    normalize-package-data "^2.3.2"
    path-type "^1.0.0"

readable-stream@^2.0.0, readable-stream@^2.0.2, readable-stream@^2.0.5, readable-stream@^2.2.2:
  version "2.3.6"
  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
  integrity sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==
  dependencies:
    core-util-is "~1.0.0"
    inherits "~2.0.3"
    isarray "~1.0.0"
    process-nextick-args "~2.0.0"
    safe-buffer "~5.1.1"
    string_decoder "~1.1.1"
    util-deprecate "~1.0.1"

readable-stream@^3.0.6:
  version "3.0.6"
  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.0.6.tgz#351302e4c68b5abd6a2ed55376a7f9a25be3057a"
  integrity sha512-9E1oLoOWfhSXHGv6QlwXJim7uNzd9EVlWK+21tCU9Ju/kR0/p2AZYPz4qSchgO8PlLIH4FpZYfzwS+rEksZjIg==
  dependencies:
    inherits "^2.0.3"
    string_decoder "^1.1.1"
    util-deprecate "^1.0.1"

redent@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde"
  integrity sha1-z5Fqsf1fHxbfsggi3W7H9zDCr94=
  dependencies:
    indent-string "^2.1.0"
    strip-indent "^1.0.1"

repeating@^2.0.0:
  version "2.0.1"
  resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda"
  integrity sha1-UhTFOpJtNVJwdSf7q0FdvAjQbdo=
  dependencies:
    is-finite "^1.0.0"

safe-buffer@~5.1.0, safe-buffer@~5.1.1:
  version "5.1.2"
  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
  integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==

"semver@2 || 3 || 4 || 5":
  version "5.6.0"
  resolved "https://registry.yarnpkg.com/semver/-/semver-5.6.0.tgz#7e74256fbaa49c75aa7c7a205cc22799cac80004"
  integrity sha512-RS9R6R35NYgQn++fkDWaOmqGoj4Ek9gGs+DPxNUZKuwE183xjJroKvyo1IzVFeXvUrvmALy6FWD5xrdJT25gMg==

signal-exit@^3.0.0:
  version "3.0.2"
  resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d"
  integrity sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0=

spdx-correct@^3.0.0:
  version "3.0.2"
  resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-3.0.2.tgz#19bb409e91b47b1ad54159243f7312a858db3c2e"
  integrity sha512-q9hedtzyXHr5S0A1vEPoK/7l8NpfkFYTq6iCY+Pno2ZbdZR6WexZFtqeVGkGxW3TEJMN914Z55EnAGMmenlIQQ==
  dependencies:
    spdx-expression-parse "^3.0.0"
    spdx-license-ids "^3.0.0"

spdx-exceptions@^2.1.0:
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.2.0.tgz#2ea450aee74f2a89bfb94519c07fcd6f41322977"
  integrity sha512-2XQACfElKi9SlVb1CYadKDXvoajPgBVPn/gOQLrTvHdElaVhr7ZEbqJaRnJLVNeaI4cMEAgVCeBMKF6MWRDCRA==

spdx-expression-parse@^3.0.0:
  version "3.0.0"
  resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-3.0.0.tgz#99e119b7a5da00e05491c9fa338b7904823b41d0"
  integrity sha512-Yg6D3XpRD4kkOmTpdgbUiEJFKghJH03fiC1OPll5h/0sO6neh2jqRDVHOQ4o/LMea0tgCkbMgea5ip/e+MkWyg==
  dependencies:
    spdx-exceptions "^2.1.0"
    spdx-license-ids "^3.0.0"

spdx-license-ids@^3.0.0:
  version "3.0.2"
  resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-3.0.2.tgz#a59efc09784c2a5bada13cfeaf5c75dd214044d2"
  integrity sha512-qky9CVt0lVIECkEsYbNILVnPvycuEBkXoMFLRWsREkomQLevYhtRKC+R91a5TOAQ3bCMjikRwhyaRqj1VYatYg==

[email protected], ssf@~0.8.1:
  version "0.8.2"
  resolved "https://registry.yarnpkg.com/ssf/-/ssf-0.8.2.tgz#b9d4dc6a1c1bcf76f8abfa96d7d7656fb2abecd6"
  integrity sha1-udTcahwbz3b4q/qW19dlb7Kr7NY=
  dependencies:
    colors "0.6.2"
    frac "0.3.1"
    voc ""

string_decoder@^1.1.1, string_decoder@~1.1.1:
  version "1.1.1"
  resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
  integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==
  dependencies:
    safe-buffer "~5.1.0"

strip-bom@^2.0.0:
  version "2.0.0"
  resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e"
  integrity sha1-YhmoVhZSBJHzV4i9vxRHqZx+aw4=
  dependencies:
    is-utf8 "^0.2.0"

strip-indent@^1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2"
  integrity sha1-DHlipq3vp7vUrDZkYKY4VSrhoKI=
  dependencies:
    get-stdin "^4.0.1"

[email protected]:
  version "2.1.2"
  resolved "https://registry.yarnpkg.com/textract/-/textract-2.1.2.tgz#a39480910a74659f2d85313d1b32d67c36d5ad84"
  integrity sha1-o5SAkQp0ZZ8thTE9GzLWfDbVrYQ=
  dependencies:
    cheerio "0.22.0"
    got "5.7.1"
    html-entities "1.2.0"
    iconv-lite "0.4.15"
    j "0.4.3"
    jschardet "1.4.1"
    marked "0.3.6"
    meow "3.7.0"
    mime "1.3.4"
    pdf-text-extract "1.3.1"
    xmldom "0.1.27"
    xpath "0.0.23"
    yauzl "2.7.0"

timed-out@^3.0.0:
  version "3.1.3"
  resolved "https://registry.yarnpkg.com/timed-out/-/timed-out-3.1.3.tgz#95860bfcc5c76c277f8f8326fd0f5b2e20eba217"
  integrity sha1-lYYL/MXHbCd/j4Mm/Q9bLiDrohc=

trim-newlines@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613"
  integrity sha1-WIeWa7WCpFA6QetST301ARgVphM=

typedarray@^0.0.6:
  version "0.0.6"
  resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
  integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=

unzip-response@^1.0.2:
  version "1.0.2"
  resolved "https://registry.yarnpkg.com/unzip-response/-/unzip-response-1.0.2.tgz#b984f0877fc0a89c2c773cc1ef7b5b232b5b06fe"
  integrity sha1-uYTwh3/AqJwsdzzB73tbIytbBv4=

url-parse-lax@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/url-parse-lax/-/url-parse-lax-1.0.0.tgz#7af8f303645e9bd79a272e7a14ac68bc0609da73"
  integrity sha1-evjzA2Rem9eaJy56FKxovAYJ2nM=
  dependencies:
    prepend-http "^1.0.1"

util-deprecate@^1.0.1, util-deprecate@~1.0.1:
  version "1.0.2"
  resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
  integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=

validate-npm-package-license@^3.0.1:
  version "3.0.4"
  resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz#fc91f6b9c7ba15c857f4cb2c5defeec39d4f410a"
  integrity sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==
  dependencies:
    spdx-correct "^3.0.0"
    spdx-expression-parse "^3.0.0"

voc@:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/voc/-/voc-1.1.0.tgz#d1a08aeff66646bf17cdba2e47c935a7a9b0218b"
  integrity sha512-fthgd8OJLqq8vPcLjElTk6Rcl2e3v5ekcXauImaqEnQqd5yUWKg1+ZOBgS2KTWuVKcuvZMQq4TDptiT1uYddUA==

xlsjs@~0.7.1:
  version "0.7.6"
  resolved "https://registry.yarnpkg.com/xlsjs/-/xlsjs-0.7.6.tgz#d88754569aabcf8eea70cc23961b462634a49565"
  integrity sha1-2IdUVpqrz47qcMwjlhtGJjSklWU=
  dependencies:
    cfb "~0.11.0"
    codepage ""
    commander ""
    exit-on-epipe ""
    ssf "~0.8.1"

xlsx@~0.7.11:
  version "0.7.12"
  resolved "https://registry.yarnpkg.com/xlsx/-/xlsx-0.7.12.tgz#7144831d8ecd49c062141f7c48975d1a400988e4"
  integrity sha1-cUSDHY7NScBiFB98SJddGkAJiOQ=
  dependencies:
    adler-32 ""
    cfb ">=0.10.0"
    codepage "~1.3.6"
    commander ""
    crc-32 ""
    jszip "2.4.0"
    ssf "~0.8.1"

[email protected]:
  version "0.1.27"
  resolved "https://registry.yarnpkg.com/xmldom/-/xmldom-0.1.27.tgz#d501f97b3bdb403af8ef9ecc20573187aadac0e9"
  integrity sha1-1QH5ezvbQDr4757MIFcxh6rawOk=

[email protected]:
  version "0.0.23"
  resolved "https://registry.yarnpkg.com/xpath/-/xpath-0.0.23.tgz#f5e8fdc6bdc7e72885b3234f40cba2669580aafa"
  integrity sha1-9ej9xr3H5yiFsyNPQMuiZpWAqvo=

yargs@^1.2.5:
  version "1.3.3"
  resolved "https://registry.yarnpkg.com/yargs/-/yargs-1.3.3.tgz#054de8b61f22eefdb7207059eaef9d6b83fb931a"
  integrity sha1-BU3oth8i7v23IHBZ6u+da4P7kxo=

[email protected]:
  version "2.7.0"
  resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.7.0.tgz#e21d847868b496fc29eaec23ee87fdd33e9b2bce"
  integrity sha1-4h2EeGi0lvwp6uwj7of90z6bK84=
  dependencies:
    buffer-crc32 "~0.2.3"
    fd-slicer "~1.0.1"

arcanis · 2018-10-31T22:48:12Z

I like how the npm registry returns false when there's an error. Go figure what it doesn't like ...

It seems like there are two issues. The first one is fixed by #6611 (you can see it because it then works if you replace textract with mime). The second one is still to be determined - there's likely a dependency somewhere in your lockfile that has something special.

arcanis · 2018-10-31T22:49:46Z

It can be reproduced with j (which is a subdependency of textract). Let's go down the rabbit hole.

arcanis · 2018-10-31T22:52:08Z

All dependencies of j are fine taken independently - the problem comes from j itself. Now why is that? 😕

arcanis · 2018-10-31T22:53:54Z

Found it - j has broken dependencies:

{
  "dependencies": {
    "exit-on-epipe":"",
    "xlsx": "",
    "concat-stream":"",
    "commander":""
  }
}

rally25rs · 2018-10-31T22:59:49Z

Yeah it looks like a chunk of the json yarn is posting is:

    "xlsjs": {
      "version": "0.7.6",
      "integrity": "sha1-2IdUVpqrz47qcMwjlhtGJjSklWU=",
      "requires": {
        "cfb": "~0.11.0",
        "codepage": "",
        "commander": "",
        "exit-on-epipe": "",
        "ssf": "~0.8.1"
      },

@arcanis what I was doing in these situations was to run npm through a proxy (fiddler or burpsuite for example) and see what npm sends for the same package.

otbe · 2018-11-01T08:25:30Z

I also get this issue if my root package.json (workspace root) does not contain a name attribute,

rally25rs · 2018-11-01T12:06:22Z

@otbe see #6611

rally25rs · 2018-11-02T00:30:03Z

Quick update.

node_modules/j/package.json contains

  "dependencies": {
    "commander": "",
    "concat-stream": "",
    "harb": "~0.0.5",
    "xlsjs": "~0.7.1",
    "xlsx": "~0.7.11"
  },

So when we post data to the npm audit API, we send

    "j": {
      "version": "0.4.3",
      "integrity": "sha1-bPZDVBvZ9douzGGVerF1f9ItaDU=",
      "requires": {
        "commander": "",
        "concat-stream": "",
        "harb": "~0.0.5",
        "xlsjs": "~0.7.1",
        "xlsx": "~0.7.11"
      },

This causes an error (Bad Request) from the API.

Looking at what npm sends, they send:

"j":{
  "version":"0.4.3",
  "integrity":"sha1-bPZDVBvZ9douzGGVerF1f9ItaDU=",
  "requires":{
    "commander":"^2.19.0",
    "concat-stream":"^1.6.2",
    "harb":"~0.0.5",
    "xlsjs":"~0.7.1",
    "xlsx":"~0.7.11"
  }

npm's package-lock.json contains these versions too, so they must do something during npm install to replace "" with maybe the current latest version?

Not sure yet where they are getting versions for commander and concat-stream. Probably have to poke through the npm source to figure this one out...

arcanis · 2018-11-02T00:57:47Z

@rally25rs shouldn't #6611 workaround the issue (we fallback to *)?

rally25rs · 2018-11-02T01:01:28Z

@arcanis looks like you are correct. Last time I looked at #6611 it didn't have the commit that was replacing the dep versions with *. Didn't realize that got added. 👍

This finally includes the patch for [Yarn issue 6607](yarnpkg/yarn#6607) which was breaking lots of scans. Will also use a minor version bump for this since it includes the new Yarn version and an updated version of Ruby.

ghost assigned kaylie-alexa Oct 31, 2018

ghost added the triaged label Oct 31, 2018

rally25rs assigned rally25rs and unassigned kaylie-alexa Oct 31, 2018

rally25rs added needs-repro-script and removed triaged labels Oct 31, 2018

bugzpodder mentioned this issue Oct 31, 2018

fix audit for packages without name #6611

Merged

arcanis closed this as completed in #6611 Nov 1, 2018

jborrey mentioned this issue Jan 5, 2019

Upgrade Yarn 1.12.1 --> 1.12.3 coinbase/salus#27

Merged

emilyrohrbough mentioned this issue Jul 1, 2022

yarn audit fails after updating @cypress/webpack-dev-server to v2 cypress-io/cypress#22644

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

audit returns `Unexpected audit response (Missing Metadata): false` #6607

audit returns `Unexpected audit response (Missing Metadata): false` #6607

gabegorelick commented Oct 31, 2018

arcanis commented Oct 31, 2018

rally25rs commented Oct 31, 2018

bugzpodder commented Oct 31, 2018

arcanis commented Oct 31, 2018

gabegorelick commented Oct 31, 2018

gabegorelick commented Oct 31, 2018

gabegorelick commented Oct 31, 2018 •

edited by Haroenv

Loading

arcanis commented Oct 31, 2018

arcanis commented Oct 31, 2018

arcanis commented Oct 31, 2018

arcanis commented Oct 31, 2018

rally25rs commented Oct 31, 2018

otbe commented Nov 1, 2018

rally25rs commented Nov 1, 2018

rally25rs commented Nov 2, 2018 •

edited

Loading

arcanis commented Nov 2, 2018

rally25rs commented Nov 2, 2018

audit returns Unexpected audit response (Missing Metadata): false #6607

audit returns Unexpected audit response (Missing Metadata): false #6607

Comments

gabegorelick commented Oct 31, 2018

arcanis commented Oct 31, 2018

rally25rs commented Oct 31, 2018

bugzpodder commented Oct 31, 2018

arcanis commented Oct 31, 2018

gabegorelick commented Oct 31, 2018

gabegorelick commented Oct 31, 2018

gabegorelick commented Oct 31, 2018 • edited by Haroenv Loading

arcanis commented Oct 31, 2018

arcanis commented Oct 31, 2018

arcanis commented Oct 31, 2018

arcanis commented Oct 31, 2018

rally25rs commented Oct 31, 2018

otbe commented Nov 1, 2018

rally25rs commented Nov 1, 2018

rally25rs commented Nov 2, 2018 • edited Loading

arcanis commented Nov 2, 2018

rally25rs commented Nov 2, 2018

audit returns `Unexpected audit response (Missing Metadata): false` #6607

audit returns `Unexpected audit response (Missing Metadata): false` #6607

gabegorelick commented Oct 31, 2018 •

edited by Haroenv

Loading

rally25rs commented Nov 2, 2018 •

edited

Loading