Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@lerna/npm-publish

Package Overview
Dependencies
Maintainers
4
Versions
83
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@lerna/npm-publish - npm Package Compare versions

Comparing version 3.0.0 to 3.0.4

13

CHANGELOG.md

@@ -6,2 +6,15 @@ # Change Log

<a name="3.0.4"></a>
## [3.0.4](https://github.com/lerna/lerna/compare/v3.0.3...v3.0.4) (2018-08-14)
### Bug Fixes
* **publish:** Only pass `--json` to `npm pack` when npm >= 5.10.0 ([71babce](https://github.com/lerna/lerna/commit/71babce)), closes [#1558](https://github.com/lerna/lerna/issues/1558)
* **publish:** Run publish from leaf nodes again ([3d348ec](https://github.com/lerna/lerna/commit/3d348ec)), closes [#1560](https://github.com/lerna/lerna/issues/1560)
<a name="3.0.0"></a>

@@ -8,0 +21,0 @@ # [3.0.0](https://github.com/lerna/lerna/compare/v3.0.0-rc.0...v3.0.0) (2018-08-10)

79

npm-publish.js
"use strict";
const fs = require("fs-extra");
const log = require("npmlog");
const path = require("path");
const pMap = require("p-map");
const ChildProcessUtilities = require("@lerna/child-process");
const getExecOpts = require("@lerna/get-npm-exec-opts");
const hasNpmVersion = require("@lerna/has-npm-version");
const logPacked = require("@lerna/log-packed");

@@ -11,2 +15,3 @@

module.exports.npmPack = npmPack;
module.exports.makePacker = makePacker;

@@ -17,3 +22,3 @@ function npmPublish(pkg, tag, { npmClient, registry }) {

const distTag = tag && tag.trim();
const opts = getExecOpts({ location: pkg.rootPath }, registry);
const opts = getExecOpts(pkg, registry);
const args = ["publish", "--ignore-scripts"];

@@ -35,11 +40,10 @@

log.silly("exec", npmClient, args);
return ChildProcessUtilities.exec(npmClient, args, opts);
return ChildProcessUtilities.exec(npmClient, args, opts).then(() =>
// don't leave the generated tarball hanging around after success
fs.remove(path.join(pkg.location, pkg.tarball))
);
}
function npmPack(rootManifest, packages) {
// NOTE: All of the istanbul-ignored branches are covered in integration tests
log.verbose("pack", packages.map(p => p.name));
function makePackOptions(rootManifest) {
const opts = getExecOpts(rootManifest);
const args = ["pack"].concat(packages.map(p => p.location));

@@ -52,4 +56,6 @@ // let that juicy npm logging have its day in the sun

// always request JSON output for easier parsing of filenames
args.push("--json");
if (hasNpmVersion(">=5.10.0")) {
// request JSON output for easier parsing of filenames
opts.env.npm_config_json = true;
}

@@ -59,5 +65,15 @@ /* istanbul ignore if */

// override process.env.npm_config_dry_run from integration tests
args.push("--no-dry-run");
opts.env.npm_config_dry_run = false;
}
log.silly("exec", "npm options", opts);
return opts;
}
function npmPack(rootManifest, packages, opts = makePackOptions(rootManifest)) {
// NOTE: All of the istanbul-ignored branches are covered in integration tests
log.verbose("pack", packages.map(p => p.name));
const args = ["pack"].concat(packages.map(p => p.location));
log.silly("exec", "npm", args);

@@ -85,3 +101,2 @@ const proc = ChildProcessUtilities.exec("npm", args, opts);

proc.stdout.on("data", chunk => {
/* istanbul ignore else */
if (jsonBegan) {

@@ -101,4 +116,4 @@ // it could be larger than a single chunk

return proc.then(() => {
const tarballs = JSON.parse(jsonString);
return proc.then(result => {
const tarballs = jsonString ? JSON.parse(jsonString) : parseLegacyTarballs(result, packages);

@@ -114,4 +129,40 @@ tarballs.forEach(logPacked);

return proc;
return pMap(
packages,
pkg => {
const inRoot = path.join(pkg.rootPath, pkg.tarball);
const toLeaf = path.join(pkg.location, pkg.tarball);
return fs.move(inRoot, toLeaf, { overwrite: true });
},
{ concurrency: 10 }
);
});
}
function makePacker(rootManifest) {
const opts = makePackOptions(rootManifest);
return packages => npmPack(rootManifest, packages, opts);
}
function parseLegacyTarballs(result, packages) {
// legacy `npm pack` outputs the generated tarball names
// at the end of stdout in the order of package input(s)
const isTgz = /^[\S]+\.tgz$/;
const lines = result.stdout.split("\n");
const files = lines.filter(line => isTgz.test(line));
// each result is passed to log-packed, so it needs decoration
return files.map((filename, idx) => {
const pkg = packages[idx];
return {
// the important part
filename,
// make log-packed show _something_ useful
name: pkg.name,
version: pkg.version,
};
});
}

11

package.json
{
"name": "@lerna/npm-publish",
"version": "3.0.0",
"version": "3.0.4",
"description": "An internal Lerna tool",

@@ -35,6 +35,9 @@ "keywords": [

"@lerna/get-npm-exec-opts": "^3.0.0",
"@lerna/log-packed": "^3.0.0",
"npmlog": "^4.1.2"
"@lerna/has-npm-version": "^3.0.4",
"@lerna/log-packed": "^3.0.4",
"fs-extra": "^6.0.1",
"npmlog": "^4.1.2",
"p-map": "^1.2.0"
},
"gitHead": "0c40a17a7cd4e9acd8e7ec33ffacd1c1acef5dc6"
"gitHead": "eea9c5f5cbb3c831350af080b8b71b4fad8df91f"
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc