Developer error encyclopedia
A curated reference of the most-searched developer error codes with their root cause, the exact symptom you see in the terminal or browser, and a step-by-step fix that works in 2026. Eight common errors are documented in depth here, covering Node.js, Python, npm, web browsers and reverse proxies. Use the search box or the filter chips below to jump to the one that matches your stack.
All eight entries are open below. Search highlights matching entries and hides the rest.
EACCES: permission denied
What you see
Error: EACCES: permission denied, open '/etc/myapp/config.json'
at Object.openSync (node:fs:603:3)
at Object.readFileSync (node:fs:471:35)
Why it happens
The Node.js process tried to read, write or execute a path the operating system does not let it touch. The two everyday causes are: the file or directory is owned by another user (often root) and the current process runs as a different user; or the file’s permission bits exclude the current user (mode 600 owned by root, for example).
Fix
- Identify the path that fails. The error message gives it (here
/etc/myapp/config.json). - Check the actual permissions and owner with
ls -la /etc/myapp/config.json. The first column shows the bits, the third the owner. - Fix the bits if your user should have access. Add read for the owner with
chmod u+r /etc/myapp/config.json, or open it to everyone withchmod 644. - Fix the ownership if the file belongs to the wrong user:
sudo chown $USER:$USER /etc/myapp/config.json. - Avoid running with sudo as a habit. Most EACCES errors come from a Node app that needs to write to a folder created by a different user. Move the writable folder to the user’s home, do not chmod 777 a system path.
- npm install global error: if EACCES hits
/usr/lib/node_modules, configure npm to use a folder under~/.npm-globalinstead of runningsudo npm install -g. Add~/.npm-global/binto your PATH.
ENOENT: no such file or directory
What you see
Error: ENOENT: no such file or directory, open './config/local.json'
at Object.openSync (node:fs:603:3)
Why it happens
The path Node.js was asked to open does not resolve to an actual file. The classic root causes are a relative path that depends on the current working directory (which can differ between development and a systemd service), a typo in the filename, a missing file in the deployment bundle, or a symlink that points nowhere.
Fix
- Print the resolved path before the failing call:
console.log(require('path').resolve('./config/local.json')). Compare with where the file actually lives. - Use absolute paths with
path.join(__dirname, 'config', 'local.json').__dirnameis the directory of the source file, immune to the runtime cwd. - Verify deployment if the error only happens on the server:
ls -lathe working directory of the systemd service and confirm the file is present. The build pipeline may have excluded it. - Handle missing files gracefully when expected: wrap with a try/catch and fall back to a default, or check with
fs.existsSync()before reading. - Watch for trailing whitespace in dynamic paths: a filename read from a CSV often has a stray space or newline; trim before passing to the fs call.
EADDRINUSE: address already in use
What you see
Error: listen EADDRINUSE: address already in use :::3000
at Server.setupListenHandle [as _listen2] (node:net:1740:16)
Why it happens
The port your server tried to bind to is held by another process. The most common cases are a previous run of the same Node app that did not shut down cleanly, a different service on the same port (Docker, another framework’s dev server), or a zombie process kept alive by nodemon during hot reload.
Fix
- Find what holds the port. On Linux/macOS:
lsof -iTCP:3000 -sTCP:LISTEN -n -P. On Windows:netstat -ano | findstr :3000then look up the PID. - Kill the rogue process:
kill -9 <PID>(Linux/macOS) ortaskkill /F /PID <PID>(Windows). - Use a different port as a quick mitigation:
PORT=3001 node server.js, especially in dev when port 3000 is contested. - Free the port with SO_REUSEADDR at server startup: some frameworks expose a
reusePortorexclusiveoption to handle leftover sockets after a crash. - Wait for TIME_WAIT after a crash on a TCP server: the kernel can hold the socket in TIME_WAIT for up to two minutes. Bind to
0.0.0.0:0for a free random port if you can pick at startup, otherwise wait.
CORS error: blocked by Access-Control-Allow-Origin
What you see
Access to fetch at 'https://api.example.com/users' from origin 'https://app.example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Why it happens
The browser refused to expose the cross-origin response to the page because the server did not return an Access-Control-Allow-Origin header matching the page origin. CORS is enforced by the browser, not by the server: the request often reached the API and produced a response, but the browser dropped that response on the floor before it reached your JavaScript.
Fix
- Confirm the server side by curling the API:
curl -i -H "Origin: https://app.example.com" https://api.example.com/users. Check for anAccess-Control-Allow-Originheader in the response. - Fix the server if you control it. Add the response header for the right origin (avoid
*when credentials are used). Express:app.use(cors({ origin: 'https://app.example.com', credentials: true })). Nginx:add_header 'Access-Control-Allow-Origin' 'https://app.example.com' always;. - Handle pre-flight for non-simple requests: the browser sends an
OPTIONSfirst, which must returnAccess-Control-Allow-MethodsandAccess-Control-Allow-Headers. A 404 on OPTIONS produces the same CORS error. - Use a reverse proxy if you cannot change the API: serve
/api/*from the same origin as the app, and let nginx proxy_pass to the real API host. The browser then sees a same-origin request. - Do NOT disable web security in the browser or set
Access-Control-Allow-Origin: *when credentials are involved. Both are reliable ways to ship a security bug.
502 Bad Gateway
What you see
Either a plain HTML page from Nginx saying “502 Bad Gateway”, a Cloudflare branded page with error 502, or a fetch in the browser console returning HTTP 502.
Why it happens
A reverse proxy in front of your app (Nginx, Apache, Cloudflare, an ELB) received an invalid response from the upstream, or the upstream did not respond at all. The three usual causes are: the upstream process crashed and the socket is closed; the upstream is up but too slow and the proxy timed out waiting; or there is a protocol mismatch (the proxy speaks HTTP/1.1 to a process that only speaks HTTP/2 cleartext).
Fix
- Check the upstream is alive:
curl -i http://127.0.0.1:8080/healthfrom the same machine as the proxy. If this fails, the bug is in the upstream. - Read the proxy error log: Nginx writes to
/var/log/nginx/error.log. The line says exactly what failed (connection refused, timeout, upstream closed prematurely). - Raise the proxy timeout if the upstream is slow but works:
proxy_read_timeout 60s;in Nginx, or the equivalent in Apache. - Match the protocols. If the upstream is HTTP/2, ensure the proxy speaks HTTP/2 to it or that the upstream also serves HTTP/1.1. Cloudflare’s “Always Use HTTPS” plus an HTTP origin produces a 502 loop.
- Watch the upstream restart loop. If your systemd unit crashes,
systemctl statusshows the restart count. A constantly restarting service produces intermittent 502s; fix the crash, not the proxy.
ModuleNotFoundError: No module named ‘X’
What you see
Traceback (most recent call last):
File "main.py", line 1, in <module>
import requests
ModuleNotFoundError: No module named 'requests'
Why it happens
The Python interpreter could not find the module on its import path. The classic causes are: the package is not installed in the active environment (you installed it globally but you run in a venv, or the reverse); two Python versions on the same machine pull from different site-packages; a typo in the module name; or a circular import where the module references itself before it is fully loaded.
Fix
- Confirm which Python you run:
python --versionandwhich python(orwhere pythonon Windows). The output should match the interpreter inside your venv. - Activate the venv before installing or running:
source venv/bin/activate(Linux/macOS) orvenv\Scripts\activate(Windows). - Install into the right environment:
python -m pip install requests. Thepython -m pipform guarantees pip targets the same interpreter you are about to run. - Verify the install:
python -c "import requests; print(requests.__file__)". The printed path tells you which site-packages the module came from. - Check the spelling: PyPI package
pillowimports asPIL;beautifulsoup4imports asbs4;opencv-pythonimports ascv2. The install name and the import name are not always the same.
SyntaxError: Unexpected token < in JSON at position 0
What you see
Uncaught (in promise) SyntaxError: Unexpected token '<', "<!DOCTYPE "... is not valid JSON
Why it happens
JSON.parse was called on a string that is not JSON. The string almost always starts with < or <!DOCTYPE html>, which means the server returned HTML where the client expected JSON. The most common cause is a 4xx or 5xx error where the API returns its branded error page in HTML, while the client code calls .json() on the response without checking the status code first.
Fix
- Inspect the response before parsing. In the browser Network tab, find the failing request and look at the response body. If it is HTML, the server returned an error.
- Check the status code before calling
.json():if (!response.ok) throw new Error(`HTTP ${response.status}`). - Read the Content-Type header: only call
.json()if it starts withapplication/json. Otherwise useresponse.text()and surface a meaningful error. - Fix the URL: a 404 on a wrong path often returns the SPA’s
index.htmlinstead of an API JSON. Confirm the URL in the Network tab matches what the API actually exposes. - Beware of authentication redirects: an expired session can return a login HTML page for a fetch that should be JSON. Detect a 401 or a redirect chain and handle it before parsing.
npm ERR! ERESOLVE could not resolve / peer dep missing
What you see
npm ERR! code ERESOLVE npm ERR! ERESOLVE could not resolve npm ERR! While resolving: my-app@1.0.0 npm ERR! Found: react@18.2.0 npm ERR! Could not resolve dependency: npm ERR! peer react@"^17.0.0" from some-legacy-lib@2.3.4
Why it happens
npm 7+ enforces peer dependencies. The resolver sees a package that demands React 17 while your project ships React 18, and refuses to install. The legitimate causes are an outdated dependency in the tree, a typo in your package.json version constraint, or two transitive dependencies that disagree on a peer.
Fix
- Identify the offender: the error names the package (
some-legacy-lib@2.3.4) and the conflict. Search for an updated version on the npm registry that supports your React version. - Upgrade the dependency:
npm install some-legacy-lib@latest. Most maintenance updates target the current major React. - Replace with an alternative if the package is abandoned: a maintained fork or a different library that does the same job.
- Force resolution as a last resort:
npm install --legacy-peer-depsskips the check. Use only when you know the peer warning is wrong (rare). Document why in the project README. - Audit the lockfile: an old
package-lock.jsoncan lock in a transitive that is no longer compatible.rm package-lock.json node_modules && npm installrebuilds clean.
Why a curated dev error hub is more useful than 100 random Stack Overflow tabs
Stack Overflow answers individual questions extremely well, but the cost of using it during a debugging session is the time spent reading three accepted answers from 2014, two upvoted ones from 2019, and a comment chain that ends in “fixed by upgrading the library”. A focused error hub is the opposite trade-off: each entry covers one well-documented error, the cause is stated up front, the fix is a five-step list, and the snippets are tested against the current generation of tooling (Node 22+, Python 3.12+, npm 10+, modern browsers in 2026). The signal-to-noise ratio is much higher when you are stuck and need a fix in two minutes.
This hub starts with eight entries chosen by search volume and severity in 2026. Future updates will expand to the long tail: more transport errors (EHOSTUNREACH, ECONNREFUSED), more language-specific errors (Go panic, Rust borrow checker, Java NullPointerException), and platform-specific errors (Docker exit codes, Kubernetes CrashLoopBackOff). The structure stays the same: one error per entry, four sections (what you see / why / fix / related), aggressively factual, no clickbait.
How to use this page during a debugging session
- Copy the error code or the first words of the stack trace from your terminal, paste in the search box. Matching entries stay visible, others hide. The match is permissive: it scans the visible text and the data-tags of each entry, so partial codes, lowercased fragments, or just the symptom (“permission denied”) all hit.
- Filter by stack tag if you know your context: Node.js, Python, Browser, Nginx, filesystem, network, process. The filter is permissive: an entry tagged Node.js stays visible when you filter on “filesystem” because the entry also carries that tag. Clear the active chip (“All”) to lift the filter.
- Read the “Why it happens” section first. Skipping straight to the fix often produces a working build with the underlying bug still in place — the same error reappears a week later under a slightly different shape and costs another two hours.
- Bookmark the deep link: each error has an anchor (
#eacces,#cors, etc.). Share the anchored URL with a teammate to get them on the same page in two seconds, or pin it in your team Slack so the next person hitting the same error finds the curated answer instead of a fresh Google search.
Conventions used in every entry
Each error entry on this page follows the same four-block structure so you can skim a long list quickly. The first block (What you see) gives the raw text or stack trace the runtime prints, copied verbatim so a search engine landing matches your terminal output. The second block (Why it happens) is a one-paragraph cause-of-cause analysis: not “this happens when X”, but “X happens because Y, and Y is usually triggered by Z in your project”. The third block (How to fix) is a numbered list of concrete commands or code changes, ordered from cheapest fix (config flag, env var) to deepest (refactor, version bump). The fourth block (Related) cross-links to other entries or tools on PeopleAreGeek that come up in the same debugging context — for example, an HTTP 502 entry links to the CDN detector and HTTP headers checker because reproducing the failure usually requires both. Every snippet is tested against the current generation of the runtime named in the entry, and we replace examples whenever a major version ships rather than leaving a 2019 answer to age.
What this hub will become (roadmap)
The current eight entries are the start. The plan over the next quarter is to grow this hub into a structured database of 100-200 entries with the same format, then to publish each entry as an individual page that can rank on its own long-tail query (“EACCES Node.js fix”, “ENOENT no such file or directory”). Each promoted page will preserve the same four-block structure, add a real-world reproduction scenario, and link back here so the hub stays the table-of-contents view. Submit your own errors via the related PeopleAreGeek contact channel and we will add the ones that are not already in the queue. Priority is given to errors that lack a clear top-result answer in 2026, errors that produce confusing or misleading messages (where the runtime says one thing but the cause is unrelated), and errors that block a deploy or a production restart. Errors that are essentially “you forgot a semicolon” or “you typoed a variable name” are out of scope — those are best left to your linter and your editor’s red squiggly underline.
Frequently asked questions
How do you choose which errors to include?
Two criteria: search volume on Google over the last 12 months and severity (an error that blocks a deploy ranks above one that only annoys during local dev). The starting eight cover the highest-frequency errors across Node.js, Python, npm, browser fetch and reverse-proxy 5xx because those produce the most “stuck” minutes per developer per week.
Why not just link to Stack Overflow for each?
Stack Overflow is great for novel issues. For recurring well-known errors, the time spent reading multiple answers and validating which one is current is the actual cost. This hub trades discovery for curation: every entry is reviewed and updated against the current tooling.
How often is each entry reviewed?
Every six months minimum, immediately when a major version of the relevant runtime ships (e.g. a new Node.js LTS), and whenever a reader flags an outdated snippet. Each entry will eventually carry a “last verified” date as the hub grows.
Can I suggest an error to add?
Yes. Send the error code and a one-line summary to contact@peoplearegeek.com. We prioritise errors that have at least 1,000 monthly searches and no clear top result on Google.
Is this hub language-agnostic?
It started with Node.js, Python, npm, browser fetch and Nginx because those cover most of the modern web-app stack. Go, Rust, Java and Kubernetes entries are queued for the next quarter.
Do I need to sign up to use the hub?
No. The page is free, public, no signup, no telemetry on what you search. The filter and search run entirely in your browser.
