Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@pnpm/git-resolver

Package Overview
Dependencies
Maintainers
2
Versions
133
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@pnpm/git-resolver - npm Package Compare versions

Comparing version 0.3.1 to 0.3.2

82

lib/index.js

@@ -14,2 +14,3 @@ "use strict";

const git = require("graceful-git");
const semver = require("semver");
const parsePref_1 = require("./parsePref");

@@ -26,3 +27,3 @@ const gitLogger = logger_1.default; // TODO: add namespace 'git-logger'

if (!isGitHubHosted || isSsh(wantedDependency.pref)) {
const commit = yield resolveRef(parsedSpec.fetchSpec, parsedSpec.gitCommittish || 'master');
const commit = yield resolveRef(parsedSpec.fetchSpec, parsedSpec.gitCommittish || 'master', parsedSpec.gitRange);
return {

@@ -45,3 +46,3 @@ id: parsedSpec.fetchSpec

project: parsedSpec.hosted.project,
ref: parsedSpec.hosted.committish || 'HEAD',
ref: parsedSpec.hosted.committish || 'master',
user: parsedSpec.hosted.user,

@@ -52,3 +53,3 @@ };

try {
commitId = yield tryResolveViaGitHubApi(ghSpec);
commitId = resolveRefFromRefs(yield tryResolveViaGitHubApi(ghSpec), repo, ghSpec.ref, parsedSpec.gitRange);
}

@@ -62,7 +63,7 @@ catch (err) {

tryGitHubApi = false;
commitId = yield resolveRef(repo, ghSpec.ref);
commitId = yield resolveRef(repo, parsedSpec.gitCommittish || 'master', parsedSpec.gitRange);
}
}
else {
commitId = yield resolveRef(repo, ghSpec.ref);
commitId = yield resolveRef(repo, parsedSpec.gitCommittish || 'master', parsedSpec.gitRange);
}

@@ -81,13 +82,55 @@ const tarballResolution = {

exports.default = default_1;
function resolveRef(repo, ref) {
function resolveVTags(vTags, range) {
return semver.maxSatisfying(vTags, range, true);
}
function getRepoRefs(repo) {
return __awaiter(this, void 0, void 0, function* () {
const result = yield git(['ls-remote', '--refs', repo, ref]);
// should output something like:
// 572bc3d4e16220c2e986091249e62a5913294b25 refs/heads/master
// if no ref was found, assume that ref is the commit ID
if (!result.stdout)
return ref;
return result.stdout.match(/^[a-z0-9]+/)[0];
const result = yield git(['ls-remote', '--refs', repo]);
const refs = result.stdout.split('\n').reduce((obj, line) => {
const commitAndRef = line.split('\t');
const commit = commitAndRef[0];
const ref = commitAndRef[1];
obj[ref] = commit;
return obj;
}, {});
return refs;
});
}
function resolveRef(repo, ref, range) {
return __awaiter(this, void 0, void 0, function* () {
const refs = yield getRepoRefs(repo);
return resolveRefFromRefs(refs, repo, ref, range);
});
}
function resolveRefFromRefs(refs, repo, ref, range) {
if (!range) {
const commitId = refs[ref] ||
refs[`refs/tags/${ref}^{}`] || // prefer annotated tags
refs[`refs/tags/${ref}`] ||
refs[`refs/heads/${ref}`] ||
(ref.match(/^[0-9a-f]{40}/) || [])[0];
if (!commitId) {
throw new Error(`Could not resolve ${ref} to a commit of ${repo}.`);
}
return commitId;
}
else {
const vTags = Object.keys(refs)
.filter((key) => /^refs\/tags\/v?(\d+\.\d+\.\d+(?:[-+].+)?)(\^{})?$/.test(key))
.map((key) => {
return key
.replace(/^refs\/tags\/v?/, '')
.replace(/\^{}$/, ''); // accept annotated tags
})
.filter((key) => semver.valid(key, true));
const refVTag = resolveVTags(vTags, range);
const commitId = refVTag &&
(refs[`refs/tags/${refVTag}^{}`] || // prefer annotated tags
refs[`refs/tags/${refVTag}`]);
if (!commitId) {
throw new Error(`Could not resolve ${range} to a commit of ${repo}. Available versions are: ${vTags.join(', ')}`);
}
return commitId;
}
}
function normalizeRepoUrl(parsedSpec) {

@@ -106,13 +149,10 @@ const hosted = parsedSpec.hosted; // tslint:disable-line

return __awaiter(this, void 0, void 0, function* () {
const url = [
'https://api.github.com/repos',
spec.user,
spec.project,
'commits',
spec.ref,
].join('/');
const url = `https://api.github.com/repos/${spec.user}/${spec.project}/git/refs`;
const response = yield got(url, { json: true });
return response.body.sha;
return response.body.reduce((acc, refInfo) => {
acc[refInfo.ref] = refInfo.object.sha;
return acc;
}, {});
});
}
//# sourceMappingURL=index.js.map

7

lib/parsePref.d.ts

@@ -12,8 +12,5 @@ export declare type HostedPackageSpec = ({

normalizedPref: string;
} & ({
gitCommittish: string | null;
} | {
gitCommittish: null;
gitRange: string;
}));
gitRange?: string;
});
export default function parsePref(pref: string): HostedPackageSpec | null;

8

package.json
{
"name": "@pnpm/git-resolver",
"version": "0.3.1",
"version": "0.3.2",
"description": "Resolver for git-hosted packages",

@@ -41,6 +41,8 @@ "main": "lib/index.js",

"@types/node": "^9.3.0",
"@types/semver": "^5.5.0",
"got": "^8.0.1",
"graceful-git": "^1.0.1",
"hosted-git-info": "^2.5.0",
"normalize-ssh": "^1.0.0"
"normalize-ssh": "^1.0.0",
"semver": "^5.5.0"
},

@@ -55,3 +57,3 @@ "devDependencies": {

"tape": "^4.8.0",
"ts-node": "^4.0.0",
"ts-node": "^5.0.0",
"tslint": "^5.8.0",

@@ -58,0 +60,0 @@ "typescript": "^2.6.1"

lib/index.js.map

Sorry, the diff of this file is not supported yet

lib/parsePref.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc