npm run dev
Topic summary
A developer encountered an error while running npm run deploy for a Shopify app. The error message indicated a certificate verification failure (UNABLE_TO_VERIFY_LEAF_SIGNATURE) when attempting to fetch the Javy package from GitHub.
Root Cause:
The issue was caused by ESET antivirus software blocking npm package downloads due to SSL/TLS protection rules.
Solution:
Adding an exception in the antivirus settings resolved the problem:
- Navigate to: ESET Antivirus Setup → Web and email → Web control → SSL/TLS → Application scan rules → Edit
- Add exception:
C:\Users\[User Name]\AppData\Roaming\nvm\v20.12.2\node.exe
The developer tried multiple troubleshooting steps (reinstalling nvm, reinstalling packages) before discovering the antivirus was the culprit. A Reddit thread about Node.js certificate issues provided the key insight about SSL protection rules blocking package fetches.
One day on the npm run deploy I had the next error:
Error coming from npm exec -- javy --version
Command failed with exit code 2: npm exec – javy --version
FetchError: request to https://github.com/bytecodealliance/javy/releases/latest/download/lol failed, reason: unable to verify the first certificate
at ClientRequest. (file:///C:/work/project/aurora-medical-store/aurora-app/node_modules/javy-cli/node_modules/node-fetch/src/index.js:108:11)
…
code: ‘UNABLE_TO_VERIFY_LEAF_SIGNATURE’,
I read a lot of tips and forums, reinstalled nvm, all packages and fall into the above error.
Finally the solution was in my antivirus: ESET blocked fetch packages.
I’ve found the next: https://www.reddit.com/r/node/comments/1c8mqsa/cert_issue_npm_unable_to_verify_leaf_signature/
Adding an exception for Node in SSL protection rules helped.
ESET Antivirus Setup → Web and email → Web control ->SSL/TLS → Application scan rules → Edit
Add C:\Users[User Name]\AppData\Roaming\nvm\v20.12.2\node.exe → Ignore