fenneclab / hugo-bin Goto Github PK
View Code? Open in Web Editor NEWBinary wrapper for Hugo
License: MIT License
Binary wrapper for Hugo
License: MIT License
Any chance this will be updated to the newest version of Hugo soon?
Unsure if there's something else out there, but contributions are welcome if there's something with the same functionality but smaller footprint :)
Just CC me if someone makes a PR.
I looked into this package because I am rewriting all my shell scripts into node scripts (concerning GoHugo builds, deploys, etc.). One point I feel needs to be added is some form of min and max Hugo versions. I do not care to update my settings every time a new Hugo version comes out, but I would like to constrain the version to "at least this version". Something like "version": ">=0.124.1"
would be the simplest to maintain, and something like "minVersion": "0.124.1"
might be easier implementable.
Does that sound very specific, or is it something others might have use of as well?
I'm gonna try to keep this open so that we don't create a new issue for each release @satoshun00
Hi,
We have a forked project from bootstrap-icons and we are facing a problem with the hugo-bin dependency
"hugo-bin": "^0.117.1",
Just making an npm install
or making a npm i hugo-bin
fails on an internal hugo-in procedure to download the associated binary.
We are behind a proxy and everything works fine with other dependencies. We have set the npm config proxy
and https-proxy
. We have also set HTTP_PROXY and HTTPS_PROXY on our system environnements.
It seems like when hugo-bin
tries to download the binary, the proxy configuration is lost at some point. Does this behavior comes from the call made inside hugo-bin or is it a native Node bug when calling sub processes ?
Thanks.
Heya, any chance you could be talked into addressing this?
Dependabot cannot update semver-regex to a non-vulnerable version
The latest possible version that can be installed is 2.0.0 because of the following conflicting dependency:
[email protected] requires semver-regex@^2.0.0 via a transitive dependency on [email protected]
@bep: what do you think about this idea? It would make the package official and you guys could also update it when needed.
Firstly, Thanks for putting this together, makes it way easier to include hugo using npm install instead of forcing users to manually install separately to their OS. thumbs way up.
Now the issue. The command I am passing throws an error and yet when I open a terminal and run the same command from there it's no problem.
Here is my code.
let exec = require('child_process').execFile;
let hugo = require('hugo-bin');
module.exports= function (data){
// TODO Make command line build utility to build commands.
let cmd = '-v'
+ ' --config="' + data.repoPath + data.dir.content + data.html.template + 'config.toml' + '"'
+ ' --baseUrl="' + data.build.url + ':'+ data.build.port +'"'
+ ' --layoutDir="' + data.repoPath + data.dir.html + data.html.template + data.html.layouts +'"'
+ ' --contentDir="' + data.repoPath + data.dir.content + data.html.template + "pages/" +'"'
+ ' --destination="' + data.repoPath + data.dir[data.build.type] +'"'
;
Debug.L1('cmd: ' + cmd);
exec(hugo, [cmd], (err, stdout) => {
console.log(stdout);
console.log(err);
});
below is the error. If I copy and paste the cmd: from the dumped object into a terminal it runs fine generating the site with no error about "unknown shorthand flag" so it's not the syntax nor paths in the command itself causing the error.
I'm using node 6.5 on an Ubuntu 14.04 machine, with your 0.3 version
{ Error: Command failed: /mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/node_modules/hugo-bin/vendor/hugo -v --config="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/content/hugo/config.toml" --baseUrl="http://localhost:8090" --layoutDir="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/assets/html/hugo/layouts/" --contentDir="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/content/hugo/pages/" --destination="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/builds/dev/"
Error: unknown shorthand flag: ' ' in - --config="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/content/hugo/config.toml" --baseUrl="http://localhost:8090" --layoutDir="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/assets/html/hugo/layouts/" --contentDir="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/content/hugo/pages/" --destination="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/builds/dev/"
at ChildProcess.exithandler (child_process.js:206:12)
at emitTwo (events.js:106:13)
at ChildProcess.emit (events.js:191:7)
at maybeClose (internal/child_process.js:877:16)
at Socket.<anonymous> (internal/child_process.js:334:11)
at emitOne (events.js:96:13)
at Socket.emit (events.js:188:7)
at Pipe._handle.close [as _onclose] (net.js:493:12)
killed: false,
code: 255,
signal: null,
cmd: '/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/node_modules/hugo-bin/vendor/hugo -v --config="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/content/hugo/config.toml" --baseUrl="http://localhost:8090" --layoutDir="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/assets/html/hugo/layouts/" --contentDir="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/content/hugo/pages/" --destination="/mnt/AllData/hacking/active-dev-repos/Super-Static-Site-Starter/builds/dev/"' }
Hi, @satoshun00.
Can you update to the latest release?
Also, what are your plans for this? Do you plan to update to new versions in the foreseeable future? I ask because I plan to use this in Bootstrap and I don't like reinventing the wheel.
Thanks!
At first glance browsing npmjs.com I thought this hadn't been updated since Hugo v0.48 βΒ I'm glad I was wrong since this package is incredibly useful, but is there any reason the version numbers for this package can't match the version numbers for the Hugo binary that's downloaded (going forward of course)? Not a huge deal but it might make things more intuitive (and it'd be nice to know which version of Hugo a site is using just by looking at package.json
).
Thanks for actually keeping this package up to date, though! π
Nice to see the recent reduction in dependencies, thanks for the effort.
Recently, I found that the hugo command line did not generate a log file. I wonder if it has something to do with the recent reduction of dependencies? ?
Not sure what the reason is, because it has been updated frequently recently.
I have this yarn dependencies installed:
"hugo-bin-extended": "^0.83.1"
And would like to check with this if a new version of Hugo (not "hugo-bin-extended
") is available as I check with yarn if there are updates for any of my Node things.
I think it would be cool if hugo-bin
and hugo-bin-extended
could check for new Hugo versions and inform me that there is a new version for my used edition (hugo
, or hugo-extended
) available.
With this function I can check if there are updates available for Hugo with yarn or npm even if I can nopt update Hugo itself with hugo-bin
or hugo-bin-extended
.
For me this would be a good addition to the already given functionality and would help me having track of of there are updates available.
Thanks in advance!
Hey there, I couldn't get this working on AWS Lambda Node 14 despite it supposedly supporting ES modules. I had to manually download hugo myself and make a small wrapper around child_process to execute it.
It would be useful if this had a Commonjs version.
If you like the idea, let me know if you would like a hand making this happen (never done before but I'm sure I can figure it out!)
Hi, this seems to be an issue for non Unix systems.
Version: [email protected]
OS: Windows 7 / cmd.exe
Arch: x64
npm install
> [email protected] postinstall C:\dev\...\node_modules\hugo-bin
> rm -rf vendor && node lib/install
**'rm' is not recognized as an internal or external command, operable program or batch file**
Exit status 1
...
Post Install script should not throw an error.
rm
command for deleting files is a command available in unix systems only, windows uses a different command (del). Maybe the rimraf
module could be used as workaround. https://github.com/isaacs/rimraf
Thanks.
Might be worth waiting maybe one more day since there have been 2 bugfix releases already.
Although hugo-bin is very useful and helps me build my website easily it's versioning is confusing. I'd like to propose mirroring Hugo versions, so hugo-bin v0.29 would ship Hugo v0.29. Old versions
(< 0.17) might be left intact.
I think this would ease reasoning about hugo-bin and would allow development of auto-publishing mechanism.
Hugo-bin is using bin-wrapper
that is sub dependent on vulnerable version of decompress
.
https://npmjs.com/advisories/1217
501.3 npm ERR! code 1
501.3 npm ERR! path /go/src/quriobot/api/kb/node_modules/hugo-bin
501.4 npm ERR! command failed
501.4 npm ERR! command sh -c node lib/install.js
501.4 npm ERR! Hugo binary installation failed!
501.4 npm ERR! file:///node_modules/hugo-bin/lib/install.js:39
501.4 npm ERR! throw new Error(error);
501.4 npm ERR! ^
501.4 npm ERR!
501.4 npm ERR! Error: Error: Command failed with ENOENT: node_modules/hugo-bin/vendor/hugo version
501.4 npm ERR! spawn node_modules/hugo-bin/vendor/hugo ENOENT
501.4 npm ERR! at file:///node_modules/hugo-bin/lib/install.js:39:13
501.4 npm ERR! at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
501.4 npm ERR!
501.4 npm ERR! Node.js v18.17.0
501.5
please suggest a fix
Getting the following error
/lib64/libc.so.6: version `GLIBC_2.14' not found (required by ./node_modules/hugo-bin/vendor/hugo)
/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.20' not found (required by ./node_modules/hugo-bin/vendor/hugo)
/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.18' not found (required by ./node_modules/hugo-bin/vendor/hugo)
/usr/lib64/libstdc++.so.6: version `CXXABI_1.3.5' not found (required by ./node_modules/hugo-bin/vendor/hugo)
/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.21' not found (required by ./node_modules/hugo-bin/vendor/hugo)
error Command failed with exit code 1.```
hugo-bin: 0.86.0
Yarn: 3.2.1
Node: 14.9.0 or 14.9.3
OS: Ubuntu 22.04 LTS
Kernel: 5.10.104-linuxkit
Getting an error on hugo-bin installs on linux same versions working on mac.
root@82f1295a63ad:/app# yarn install --immutable
β€ YN0000: β Resolution step
β€ YN0000: β Completed in 0s 413ms
β€ YN0000: β Fetch step
β€ YN0000: β Completed in 1s 380ms
β€ YN0000: β Link step
β€ YN0007: β hugo-bin@npm:0.86.0 must be built because it never has been before or the last one failed
β€ YN0007: β core-js@npm:2.6.11 must be built because it never has been before or the last one failed
β€ YN0007: β aws-sdk@npm:2.1012.0 must be built because it never has been before or the last one failed
β€ YN0007: β puppeteer@npm:1.20.0 must be built because it never has been before or the last one failed
β€ YN0007: β cpu-features@npm:0.0.3 must be built because it never has been before or the last one failed
β€ YN0007: β core-js-pure@npm:3.7.0 must be built because it never has been before or the last one failed
β€ YN0009: β cpu-features@npm:0.0.3 couldn't be built successfully (exit code 1, logs can be found here: /tmp/xfs-e3e820d7/build.log)
β€ YN0009: β hugo-bin@npm:0.86.0 couldn't be built successfully (exit code 1, logs can be found here: /tmp/xfs-cc2d68e3/build.log)
β€ YN0007: β docs@workspace:. must be built because it never has been before or the last one failed
β€ YN0007: β ssh2@npm:1.8.0 must be built because it never has been before or the last one failed
β€ YN0000: β Completed in 3m 13s
β€ YN0000: Failed with errors in 3m 16s
Contents of /tmp/xfs-cc2d68e3/build.log
# This file contains the result of Yarn building a package (hugo-bin@npm:0.86.0)
# Script name: postinstall
internal/process/esm_loader.js:74
internalBinding('errors').triggerUncaughtException(
^
Error [ERR_UNSUPPORTED_ESM_URL_SCHEME]: Only file and data URLs are supported by the default ESM loader. Received protocol 'node:'
at Loader.defaultResolve [as _resolve] (internal/modules/esm/resolve.js:750:11)
at Loader.resolve (internal/modules/esm/loader.js:85:40)
at Loader.getModuleJob (internal/modules/esm/loader.js:229:28)
at ModuleWrap.<anonymous> (internal/modules/esm/module_job.js:51:40)
at link (internal/modules/esm/module_job.js:50:36) {
code: 'ERR_UNSUPPORTED_ESM_URL_SCHEME'
}
Using node v16.15.1 on the same setup installed fine.
Possibly the imports with node:path
etc. causing this? taken from https://stackoverflow.com/a/70057245
When using this package to install Hugo on a Mac with Apple silicon, the AMD64 version is installed instead of the ARM64 version which is built for Apple processors. This is because the arch package that this package ultimately depends on doesnβt properly detect ARM64 architecture on Apple silicon Macs, and reports it as being x64.
There is a pull request to fix this issue: feross/arch#22.
I am trying to build a Docker image of a node project that uses this package.
My Dockerfile
FROM node as build-stage
WORKDIR /app
COPY package.json /app/
RUN npm install --silent
COPY ./ /app/
RUN npm run build
I get this bizarre error when using from node
and a DIFFERENT error using node-alpine
node
> [email protected] build:hugo /app
> hugo -d ../dist -s site -v
/app/node_modules/hugo-bin/vendor/hugo: 1: /app/node_modules/hugo-bin/vendor/hugo: οΏ½οΏ½οΏ½οΏ½: not found
/app/node_modules/hugo-bin/vendor/hugo: 2: /app/node_modules/hugo-bin/vendor/hugo: Syntax error: "(" unexpected
npm ERR! code ELIFECYCLE
npm ERR! errno 2
npm ERR! [email protected] build:hugo: `hugo -d ../dist -s site -v`
npm ERR! Exit status 2
npm ERR!
npm ERR! Failed at the [email protected] build:hugo script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2019-01-30T21_36_31_808Z-debug.log
npm ERR! code ELIFECYCLE
npm ERR! errno 2
npm ERR! [email protected] build: `npm run build:webpack && npm run build:hugo`
npm ERR! Exit status 2
npm ERR!
npm ERR! Failed at the [email protected] build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2019-01-30T21_36_31_824Z-debug.log
node-alpine
> [email protected] build:hugo /app
> hugo -d ../dist -s site -v
internal/child_process.js:372
throw errnoException(err, 'spawn');
^
Error: spawn Unknown system error -8
at ChildProcess.spawn (internal/child_process.js:372:11)
at spawn (child_process.js:559:9)
at Object.<anonymous> (/app/node_modules/hugo-bin/cli.js:10:1)
at Module._compile (internal/modules/cjs/loader.js:736:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:747:10)
at Module.load (internal/modules/cjs/loader.js:628:32)
at tryModuleLoad (internal/modules/cjs/loader.js:568:12)
at Function.Module._load (internal/modules/cjs/loader.js:560:3)
at Function.Module.runMain (internal/modules/cjs/loader.js:801:12)
at executeUserCode (internal/bootstrap/node.js:526:15)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] build:hugo: `hugo -d ../dist -s site -v`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] build:hugo script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2019-01-30T21_41_51_867Z-debug.log
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] build: `npm run build:webpack && npm run build:hugo`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2019-01-30T21_41_51_889Z-debug.log
The command '/bin/sh -c npm run build' returned a non-zero code: 1
When I install hugo-bin and try to run it, I get an expectation.
$(npm bin)/hugo --help
This is the exception I get:
node:events:346
throw er; // Unhandled 'error' event
^
Error: spawn /Users/stevenirby/projects/randomdailyart/node_modules/hugo-bin/vendor EACCES
at Process.ChildProcess._handle.onexit (node:internal/child_process:282:19)
at onErrorNT (node:internal/child_process:480:16)
at processTicksAndRejections (node:internal/process/task_queues:81:21)
Emitted 'error' event on ChildProcess instance at:
at Process.ChildProcess._handle.onexit (node:internal/child_process:288:12)
at onErrorNT (node:internal/child_process:480:16)
at processTicksAndRejections (node:internal/process/task_queues:81:21) {
errno: -13,
code: 'EACCES',
syscall: 'spawn /Users/stevenirby/projects/randomdailyart/node_modules/hugo-bin/vendor',
path: '/Users/stevenirby/projects/randomdailyart/node_modules/hugo-bin/vendor',
spawnargs: [ '--help' ]
}
It looks like it's not downloading the correct hugo release:
hugo_0.82.0_macOS-ARM64.tar.gz
OR
hugo_extended_0.82.0_macOS-ARM64.tar.gz
When I run npm install hugo-bin behind our company proxy it fails with following error:
> [email protected] postinstall D:\SOURCES\Netlify.VDW\node_modules\hugo-bin
> del-cli vendor && node lib/install
x unable to get local issuer certificate
x Hugo binary installation failed
We can see that the module is trying to download the following file: https://github.com/spf13/hugo/releases/download/v0.36.1/hugo_0.36.1_Windows-64bit.zip
When I try to download this file via my browser, it succeeds. But hugo-bin seems to use the module bin-wrapper which uses the module download which fails.
Even after setting strict-ssl to false (npm config set strict-ssl false) the issue continues.
I'm running Windows 2012 R2 and tried it with nodejs 8.11.3 and 10.8.0.
The current version 0.98.0
of hugo-bin contains a high severity vulnerability. Below are the results from npm audit
. I'm not sure if a fix for your dependencies is available already. You might want to consider setting up Dependabot alerts in the security section of your GitHub repository.
# npm audit report
cacheable-request <=10.2.6
Severity: high
cacheable-request depends on http-cache-semantics, which is vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-8x6c-cv3v-vp6g
Depends on vulnerable versions of http-cache-semantics
No fix available
node_modules/cacheable-request
got <=12.4.1
Depends on vulnerable versions of cacheable-request
node_modules/got
download >=4.0.0
Depends on vulnerable versions of got
node_modules/download
bin-wrapper >=0.4.0
Depends on vulnerable versions of bin-version-check
Depends on vulnerable versions of download
node_modules/bin-wrapper
hugo-bin *
Depends on vulnerable versions of bin-wrapper
node_modules/hugo-bin
Hugo-bin is using bin-wrapper 3.0.2 that is dependent on vulnerable version of download. It's also dependent on gulp-util 3.0.8 which is deprecated. There is an open issue in the bin-wrapper repository.
"hugo-bin": { "buildTags": "extended" }
in package.json
doesn't work in npm 7.0.3
(node v15.0.1
, macOS), the normal (not extended) version of Hugo is downloaded.
Using a .npmrc
file with hugo_bin_build_tags = "extended"
does work correctly (the extended version of Hugo is downloaded).
Thanks!
Current postinstall binary download requires external access. For many corporate environments we have an internal package repository. It would be great if the root portion of the baseUrl can be overriden via env var much like pre-gyp downloads. Are you open to this contribution?
Line 8 in e3e3030
@satoshun00: I suggest that you don't close this issue and people can just comment when a new version is out.
Currently 0.38.2
/CC @satoshun00
added 184 packages, and audited 185 packages in 11s
8 packages are looking for funding
run `npm fund` for details
6 high severity vulnerabilities
To address all issues, run:
npm audit fix
Run `npm audit` for details.
# npm audit report
normalize-url <=4.5.0 || 5.0.0 - 5.3.0 || 6.0.0
Severity: high
Regular Expression Denial of Service - https://npmjs.com/advisories/1755
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/normalize-url
cacheable-request 0.1.0 - 6.0.0
Depends on vulnerable versions of normalize-url
node_modules/cacheable-request
got 8.0.0 - 9.5.0
Depends on vulnerable versions of cacheable-request
node_modules/got
download >=7.0.0
Depends on vulnerable versions of got
node_modules/download
bin-wrapper 2.1.2 || >=4.0.0
Depends on vulnerable versions of download
node_modules/bin-wrapper
hugo-bin >=0.31.0
Depends on vulnerable versions of bin-wrapper
node_modules/hugo-bin
6 high severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
Regular Expression Denial of Service - https://npmjs.com/advisories/1755
Replace bin-wrapper
?!
The downloadRepo problem involved in it runs fine locally, but after submitting to GitHub, it cannot continue when using action deployment. Where is this causing the problem? If there are other addresses that can be used normally on the GitHub side, you can test again and try to rule out the wrong direction.
Or is it possible to add fields for exclusive local use?
The address used is the following address.
"downloadRepo": "https://hub.gitmirror.com/https://github.com/"
Currently is not possible to use this lib on the new M1 Pro processor using Docker, I suspect it is because of the arch that docker is reporting, but cannot confirm.
The error I get executing this lib is:
#56 0.433
#56 0.433 > [email protected] generate-hugo-files
#56 0.433 > cd app && npm run generate
#56 0.433
#56 0.606
#56 0.606 > [email protected] generate
#56 0.606 > hugo --gc --minify --ignoreCache
#56 0.606
#56 0.679 qemu-x86_64: Could not open '/lib64/ld-linux-x86-64.so.2': No such file or directory
Lib Version: 0.82.2
Docker reported Architecture: aarch64 Linux
ref: #32 (comment)
actual: require('crypto').createHash('sha256').update(file).digest('hex')
expected: https://github.com/gohugoio/hugo/releases/download/v0.31/hugo_0.31_checksums.txt
And update any devDependencies that are held back after #57
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.