Skip to content

[electron] EAI_AGAIN on SHASUMS256.txt - recent electron versions ignore cache #452

New issue
New issue
Open
Open
[electron] EAI_AGAIN on SHASUMS256.txt - recent electron versions ignore cache#452
Labels
nodeupstream-bug
@Ian2020

Description

@Ian2020
Ian2020
opened on Apr 18, 2025

flatpak-builder version

1.4.4

Linux distribution and version

Fedora 40

Affected flatpak-builder tool

node/flatpak-node-generator.py

flatpak-builder tool cli args

No response

Source repository URL

https://github.com/FelicianoTech/pocket-casts-desktop-app/

Flatpak-builder manifest URL

https://github.com/flathub/tech.feliciano.pocket-casts/blob/master/tech.feliciano.pocket-casts.yml

Description

I've created this issue after investigating a problem with @hadess for the pocket casts flatpak. See our original discussion here:

flathub/tech.feliciano.pocket-casts#11 (comment)

The problem will look like this when building an electron flatpak:

@electron/get:index Checking the cache (undefined) for electron-v33.3.1-linux-x64.zip (https://github.com/electron/electron/releases/download/v33.3.1/electron-v33.3.1-linux-x64.zip) +0ms
  @electron/get:index Cache hit +1ms
  @electron/get:index Downloading https://github.com/electron/electron/releases/download/v33.3.1/SHASUMS256.txt to /tmp/electron-download-kuYwvR/SHASUMS256.txt with options: undefined +1ms
  @electron/get:index Artifact in cache didn't match checksums RequestError: getaddrinfo EAI_AGAIN github.com

Quoting myself:

The real problem I think is that v3.1.0 of electron/get (released July 2024) forces checksum validation to always hit the network by hardcoding ElectronDownloadCacheMode.Bypass: electron/get@0adc5b9#diff-a2a171449d862fe29692ce031981047d7ab755ae7f84c707aef80701b3ea0c80R50-R87

This will be a problem for all electron flatpaks when they update to that version I think.

For anyone experiencing this issue you can workaround it by patching electron forge's packager config to either

  1. Inject the needed checksums (any keep them up-to-date)
  2. Ignore checksum checks (unsafe)

The docs for this config start here: https://www.electronforge.io/config/configuration#electron-packager-config

For an example of how to do (1) see the pocket casts flatpak who are patching the upstream forge.config.js:

https://github.com/flathub/tech.feliciano.pocket-casts/blob/193217eed3a4c381d1f524b17cf9762836017e55/0001-Avoid-network-access-to-get-Electron-runtime-checksu.patch

...but the way you configure this will very much depend on your project - whether it has a forge.config.js already or whether the forge config is already inside package.json.

For approach (2) you can skip checksum validation completely by patching package.json with this config instead:

"packagerConfig": {
  "download": {
    "unsafelyDisableChecksums": true
  }
},

In my opinion electron forge should revert back to the previous behaviour and let the cache supply checksums if already present, so tools that build offline like flatpak don't have to use these complicated workarounds.

Metadata

Metadata

Assignees

No one assigned

    Labels

    nodeupstream-bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions