Where communities thrive

  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
  • 10:36
    jfstephe commented #137
  • 04:04
    JayaKrishnaNamburu edited #118
  • Jul 27 18:47
    guybedford opened #118
  • Jul 26 09:52
    aral commented #92
  • Jul 20 17:21
    guybedford closed #115
  • Jul 20 17:21
    guybedford closed #111
  • Jul 20 17:21
    guybedford opened #117
  • Jul 15 23:34
    mustafa0x commented #114
  • Jul 15 02:05
    guybedford closed #113
  • Jul 15 02:05
    guybedford commented #113
  • Jul 15 01:20
    guybedford commented #113
  • Jul 14 21:12
    guybedford commented #113
  • Jul 14 20:10
    guybedford commented #113
  • Jul 14 19:50
    guybedford edited #115
  • Jul 14 19:49
    guybedford edited #115
  • Jul 14 19:49
    guybedford edited #115
  • Jul 14 19:41
    vovacodes edited #115
  • Jul 14 16:26
    guybedford commented #114
  • Jul 14 15:54
    guybedford opened #115
  • Jul 14 03:10
    mustafa0x opened #114
Hi guys ... Is there any clear documentation on difference between.. jspm bundle and jspm bundle-sfx.. I am working on a Angular js project.. i want to minify the source code and bundle it as dist..
Joe Pea
@nomaed For the purposes in which serialize-javascript is being used, I don't think there's any vulnerability. I think that issue is for websites that use it and deal with 3rd party code inside their application. In the case of jspm and terser plugin, it's just taking your code and compiling it, and you will already give jspm and terser both full access to all code to manipulate it any way those tools see fit (including access to run any and all of that code) so it doesn't matter much. In this case, there is trust in jspm and terser.

@guybedford Does jspm CDN support semver? I tried https://dev.jspm.io/@here/harp-omv-datasource@^0.13.0/index-worker but that doesn't work.

It'd be great if semver syntax was supported, just like with unpkg.

@ameerthehacker not all libraries work, because they don't all do things in a fully ES Module compatible way unfortunately.
@gabrnavarro I'm sorry you run into that ancient JSPM problem with rate limiting from GitHub. JSPM requires you to get and configure GitHub API keys to avoid that problem (at least last time I checked back in 2015).
Kelly Navarro
@trusktr Hey, sorry i took too long to reply. The dependencies throwing the ratelimit is actually from the npm registry. We resolved the issue by just adding a retry. Hopefully there will be a longterm fix
Guy Bedford
@trusktr https://dev.jspm.io/@here/harp-omv-datasource@0.13/index-worker is the way to do semver - semver symbols aren't supported just leaving out the patch or minor
Joe Pea
@guybedford But then that means it is too easy to cause dependency forks, f.e. importing 4.5.1 and 4.5.2 of a dependency from two places, instead of ^4.5.1 and ^4.5.2 resolving to the latest 4.5.x
Oh wait, I see, so 4.5 in the URL is the same as ^4.5
And I assume the default is ^ behavior. So basically it supports the common use case of ^ but not others like ~ or ranges.
Jspm budle failed with error below . 12:23:34 Command node --max-old-space-size=2048 node_modules/jspm/jspm bundle-sfx main public/myapp.js --inject --minify --source-map-contents && mv public/myapp* dist/public && cp public/config.js dist/public && jspm unbundle failed with exit code 137
12:23:34 [16:23:32] Error in plugin 'run-sequence(dist:bundle)'
What might be the issue?
Joshua Wilson
Can you try running just the first part (node --max-old-space-size=2048 node_modules/jspm/jspm bundle-sfx main public/myapp.js --inject --minify --source-map-contents)
Also, what version of JSPM are you on?
Joshua Wilson
@sravanmca21 Can you post more of you log when running just the first part of that build command?
Hi, sorry for the delay, please see the error below
18:21:45 Command node --max-old-space-size=8192 node_modules/jspm/jspm bundle-sfx main public/myapp.js --inject --minify --source-map-contents failed with exit code 137
18:21:45 [22:21:42] Error in plugin 'run-sequence(dist:bundle)'
18:21:45 Error
18:21:45 at finish (/jenkins/workspace/pipeline-change/node_modules/run-sequence/index.js:56:13)
18:21:45 at Gulp.onError (/jenkins/workspace/pipeline-change/node_modules/run-sequence/index.js:67:4)
18:21:45 at emitOne (events.js:101:20)
18:21:45 at Gulp.emit (events.js:188:7)
18:21:45 at Gulp.Orchestrator._emitTaskDone (/jenkins/workspace/pipeline-change/node_modules/orchestrator/index.js:264:8)
18:21:45 at /jenkins/workspace/pipeline-change/node_modules/orchestrator/index.js:275:23
18:21:45 at finish (/jenkins/workspace/pipeline-change/node_modules/orchestrator/lib/runTask.js:21:8)
18:21:45 at DestroyableTransform.<anonymous> (/jenkins/workspace/pipeline-change/node_modules/orchestrator/lib/runTask.js:52:4)
18:21:45 at DestroyableTransform.f (/jenkins/workspace/pipeline-change/node_modules/end-of-stream/node_modules/once/once.js:17:25)
18:21:45 at emitOne (events.js:101:20)
18:21:45 at DestroyableTransform.emit (events.js:188:7)
18:21:45 at /jenkins/workspace/pipeline-change/node_modules/gulp-shell/index.js:100:14
18:21:45 at /jenkins/workspace/pipeline-change/node_modules/gulp-shell/node_modules/async/lib/async.js:52:16
18:21:45 at /jenkins/workspace/pipeline-change/node_modules/gulp-shell/node_modules/async/lib/async.js:264:21
18:21:45 at /jenkins/workspace/pipeline-change/node_modules/gulp-shell/node_modules/async/lib/async.js:44:16
18:21:45 at /jenkins/workspace/pipeline-change/node_modules/gulp-shell/index.js:75:7
18:21:45 at ChildProcess.exithandler (child_process.js:213:5)
18:21:45 at emitTwo (events.js:106:13)
18:21:45 at ChildProcess.emit (events.js:191:7)
18:21:45 at maybeClose (internal/child_process.js:877:16)
18:21:45 at Socket.<anonymous> (internal/child_process.js:334:11)
18:21:45 at emitOne (events.js:96:13)
18:21:45 at Socket.emit (events.js:188:7)
Joshua Wilson
Just glancing through that stack trace I don't immediately see anything wrong, but I do wonder if you really need --inject? Looking back at these docs I'm thinking you may be able to simplify the command a bit to narrow in on the issue: https://jspm.org/docs/0.16/production-workflows.html
Guy Bedford
@trusktr if all your dependencies are ranged you can't fork yes
exactly always defaults to ^
Joshua Wilson
Hope y'all are staying safe through the quarantines! I've been surprised how many projects I can get myself committed to with just a little more free time in the day from staying home!
Guy Bedford
@jwilson8767 is that an offer to contribute to jspm!? :P
2.0 development has pretty much stopped now and will likely be abandoned
there is some work on 3.0 now which should see a public release in the next month or two
Joshua Wilson
More a lament that I'm bad at saying "no", lol. What's 3.0??
Guy Bedford
haha, nice
3.0 is a new reframing of the concept, will aim to provide more info soon
SyntaxError: Unexpected token {
    at new Function (<anonymous>)
    at dew (file:///home/vika/Projects/blogblaze/jspm_packages/npm/uglify-js@2.8.29/tools/node.dew.js:46:3)
    at dew (file:///home/vika/Projects/blogblaze/jspm_packages/npm/pug-filters@3.1.1/lib/run-filter.dew.js:38:16)
    at dew (file:///home/vika/Projects/blogblaze/jspm_packages/npm/pug-filters@3.1.1/index.dew.js:8:23)
    at dew (file:///home/vika/Projects/blogblaze/jspm_packages/npm/pug@2.0.4/lib/index.dew.js:40:17)
    at file:///home/vika/Projects/blogblaze/jspm_packages/npm/pug@2.0.4/lib/index.js:2:16
    at ModuleJob.run (internal/modules/esm/module_job.js:95:12)
when using globally-installed jspm 2.0.0-beta7 and trying to use pug via jspm install pug and subsequent import
looks like the dew thing, whatever it is, can't handle dynamically constructed code?

:point_up: March 27, 2020 5:40 PM

3.0 is a new reframing of the concept, will aim to provide more info soon

i wonder how soon it'll be :3

Guy Bedford
@kisik21 the jspm CLI is not being maintained because there was too little user interest
I'm working every day on 3.0 :)
but don't hold your breath...
Hello, anyone know how to fetch npm modules from private npm serview via the jspm.io cdn?
There are some npm modules in our private npm registry, and I want to fetch it from jspm.io. Is it possible?
Guy Bedford
Hi @mcuking yes private npm support isn't provided over the public CDN - you would need to run your own CDN for that
We are looking at providing private versions of the jspm servers for this though
What sort of use case is it for? Public or internal?
Thanks for your apply
And do you kown how to transform npm module to the one which can be used in browser? Is there any open source code or article to learn?

Trying "jspm install"

warn Error on download for github:systemjs/plugin-json
Bad response code 401

err Error downloading github:systemjs/plugin-json.

warn Installation changes not saved.

Can some one help please ? ;)

Brandon Wittwer
is there a way to configure JSPM to authenticate to github via an Authorization HTTP header and not the url token. Github is deprecating that authorization method soon
ZUOQIN HU (Isabella)
hi, I'm upgrading jspm from version 0.17.0-beta.45 to 2.0.0-beta.7, I'm using gulp to build my project, it has dependency sass-jspm-importer 0.0.6 . when i try build, it gives me an error
(node:16471) ExperimentalWarning: The http2 module is an experimental API.
TypeError: jspm_config.loadSync is not a function
at Object.<anonymous> (/Users/zhu/qs-service-ui-middle/node_modules/sass-jspm-importer/src/functions.js:8:13)
at Module._compile (module.js:662:30)
at Object.Module._extensions..js (module.js:673:10)
at Module.load (module.js:575:32)
at tryModuleLoad (module.js:515:12)
at Function.Module._load (module.js:507:3)
at Module.require (module.js:606:17)
at require (internal/module.js:11:18)
at Object.<anonymous> (/Users/zhu/qs-service-ui-middle/node_modules/sass-jspm-importer/src/index.js:3:17)
at Module._compile (module.js:662:30)
Can anybody give me any tips or help, please?
Ben Chomsang
hi, i'm trying to understand what jspm install <package> --lock does. Can't seem to find any detailed documentation
Dulitha Ranatunga

Hi, one of our legacy projects on 0.16.53 has randomly started failing to build. It fails to authenticate with github on all of the projects:

warn Error on download for github:lorenzofox3/Smart-Table
     Unauthorized response for GitHub API.
     Use jspm registry config github to reconfigure the credentials, or update them in your ~/.netrc file.
err  Error downloading github:lorenzofox3/Smart-Table.

Using curl to the github api with -u user:token seems to be successful, and so does reconfiguring:

Enter your GitHub username:DulithaRanatunga
Enter your GitHub password or access token:redacted

Would you like to test these credentials? [yes]:
ok   GitHub authentication is working successfully.
ok   Registry github configured successfully.

But i'm unable to progress past the above error ^.
I'm unsure why it started to fail in the past week, and I'm wondering if others have experienced this?

(Not providing auth credentials does hit the github rate limit issue :()

Dulitha Ranatunga
In case anyone else comes here and sees it, it turned out to be the same issue as this: https://githubmemory.com/repo/jspm/github/issues/129?page=2
Hello what is the 0.16.x upgrade path to 2.0?