Page MenuHomePhabricator

Add npx to Fresh shell
Closed, ResolvedPublic

Description

This is already installed and part of the npm package since v6. The commented out code in the node-14/Dockerfile.template also aliases it already, but the actual code we use doesn't yet.

In a previous version of our npm/cli mirror we excluded this for security reasons. However this no longer applies when this are run in a secure container, and actually makes the Fresh environment less attractive to use as it might encourage someone to then use npx outside the container, which is not only subject to the usual security problems with npm, but additionally worse since npx downloads and executes at the same time.

Related Objects

StatusSubtypeAssignedTask
OpenNone
ResolvedKrinkle

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Krinkle triaged this task as Medium priority.

Change 759622 had a related patch set uploaded (by Krinkle; author: Krinkle):

[integration/config@master] node12,node14: Add npx command to the shell PATH

https://gerrit.wikimedia.org/r/759622

Change 759622 merged by jenkins-bot:

[integration/config@master] node12,node14: Add npx command to the shell PATH

https://gerrit.wikimedia.org/r/759622

Change 761107 had a related patch set uploaded (by Krinkle; author: Krinkle):

[fresh@master] [WIP] fresh-node12,14: Expose npx command (Update node12-test-browser image)

https://gerrit.wikimedia.org/r/761107

Change 761109 had a related patch set uploaded (by Krinkle; author: Krinkle):

[fresh@master] Release 22.01.1

https://gerrit.wikimedia.org/r/761109

Change 761107 merged by jenkins-bot:

[fresh@master] fresh-node12,14: Expose npx command (Update images)

https://gerrit.wikimedia.org/r/761107

Change 761109 merged by jenkins-bot:

[fresh@master] Release 22.01.1

https://gerrit.wikimedia.org/r/761109