@vscode/vsce - npm Package Compare versions

Comparing version 2.27.0 to 2.27.1-0

dist/vsce.d.ts

@@ -178,2 +178,4 @@ /// <reference types="node" />
     readonly sigzipPath?: string[];
+    readonly manifestPath?: string[];
+    readonly signaturePath?: string[];
     readonly signTool?: string;
@@ -180,0 +182,0 @@ }

out/main.js

@@ -157,2 +157,4 @@ "use strict";
         .option('-i, --packagePath <paths...>', 'Publish the provided VSIX packages.')
+        .option('--manifestPath <paths...>', 'Manifest files to publish alongside the VSIX packages.')
+        .option('--signaturePath <paths...>', 'Signature files to publish alongside the VSIX packages.')
         .option('--sigzipPath <paths...>', 'Signature archives to publish alongside the VSIX packages.')
@@ -178,3 +180,3 @@ .option('--sign-tool <path>', 'Path to the VSIX signing tool. Will be invoked with two arguments: `SIGNTOOL <path/to/extension.signature.manifest> <path/to/extension.signature.p7s>`. This will be ignored if --sigzipPath is provided.')
         .option('--skip-license', 'Allow publishing without license file')
-        .action((version, { pat, azureCredential, target, ignoreOtherTargetFolders, readmePath, changelogPath, message, gitTagVersion, updatePackageJson, packagePath, sigzipPath, githubBranch, gitlabBranch, baseContentUrl, baseImagesUrl, yarn, noVerify, allowProposedApis, allowAllProposedApis, ignoreFile, dependencies, preRelease, allowStarActivation, allowMissingRepository, skipDuplicate, skipLicense, signTool, }) => main((0, publish_1.publish)({
+        .action((version, { pat, azureCredential, target, ignoreOtherTargetFolders, readmePath, changelogPath, message, gitTagVersion, updatePackageJson, packagePath, manifestPath, signaturePath, sigzipPath, githubBranch, gitlabBranch, baseContentUrl, baseImagesUrl, yarn, noVerify, allowProposedApis, allowAllProposedApis, ignoreFile, dependencies, preRelease, allowStarActivation, allowMissingRepository, skipDuplicate, skipLicense, signTool, }) => main((0, publish_1.publish)({
         pat,
@@ -191,2 +193,4 @@ azureCredential,
         packagePath,
+        manifestPath,
+        signaturePath,
         sigzipPath,
@@ -218,2 +222,8 @@ githubBranch,
     commander_1.default
+        .command('generate-manifest')
+        .description('Generates the extension manifest from the provided VSIX package.')
+        .requiredOption('-i, --packagePath <path>', 'Path to the VSIX package')
+        .option('-o, --out <path>', 'Output the extension manifest to <path> location (defaults to <packagename>.manifest)')
+        .action((packagePath, out) => main((0, package_1.generateManifest)(packagePath, out)));
+    commander_1.default
         .command('ls-publishers')
@@ -220,0 +230,0 @@ .description('Lists all known publishers')

out/package.js

@@ -29,3 +29,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ls = exports.listFiles = exports.packageCommand = exports.signPackage = exports.pack = exports.prepublish = exports.collect = exports.createDefaultProcessors = exports.processFiles = exports.toContentTypes = exports.toVsixManifest = exports.readManifest = exports.validateManifest = exports.ValidationProcessor = exports.NLSProcessor = exports.isWebKind = exports.LicenseProcessor = exports.ChangelogProcessor = exports.ReadmeProcessor = exports.MarkdownProcessor = exports.TagsProcessor = exports.ManifestProcessor = exports.Targets = exports.versionBump = exports.BaseProcessor = exports.read = void 0;
+exports.ls = exports.listFiles = exports.packageCommand = exports.createSignatureArchive = exports.generateManifest = exports.signPackage = exports.pack = exports.prepublish = exports.collect = exports.createDefaultProcessors = exports.processFiles = exports.toContentTypes = exports.toVsixManifest = exports.readManifest = exports.validateManifest = exports.ValidationProcessor = exports.NLSProcessor = exports.isWebKind = exports.LicenseProcessor = exports.ChangelogProcessor = exports.ReadmeProcessor = exports.MarkdownProcessor = exports.TagsProcessor = exports.ManifestProcessor = exports.Targets = exports.versionBump = exports.BaseProcessor = exports.read = void 0;
 const fs = __importStar(require("fs"));
@@ -51,3 +51,3 @@ const path = __importStar(require("path"));
 const jsonc = __importStar(require("jsonc-parser"));
-const vsce_sign_1 = require("@vscode/vsce-sign");
+const vsceSign = __importStar(require("@vscode/vsce-sign"));
 const MinimatchOptions = { dot: true };
@@ -1361,10 +1361,23 @@ function isInMemoryFile(file) {
     const signatureZip = path.join(packageFolder, `${packageName}.signature.zip`);
-    // Generate the signature manifest file
-    await (0, vsce_sign_1.generateManifest)(packageFile, manifestFile);
+    await generateManifest(packageFile, manifestFile);
     // Sign the manifest file to generate the signature file
     cp.execSync(`${signTool} "${manifestFile}" "${signatureFile}"`, { stdio: 'inherit' });
-    // Create a signature zip file containing the manifest and signature file
-    return (0, vsce_sign_1.zip)(manifestFile, signatureFile, signatureZip);
+    return createSignatureArchive(manifestFile, signatureFile, signatureZip);
 }
 exports.signPackage = signPackage;
+// Generate the signature manifest file
+function generateManifest(packageFile, outputFile) {
+    if (!outputFile) {
+        const packageFolder = path.dirname(packageFile);
+        const packageName = path.basename(packageFile, '.vsix');
+        outputFile = path.join(packageFolder, `${packageName}.manifest`);
+    }
+    return vsceSign.generateManifest(packageFile, outputFile);
+}
+exports.generateManifest = generateManifest;
+// Create a signature zip file containing the manifest and signature file
+async function createSignatureArchive(manifestFile, signatureFile, outputFile) {
+    return vsceSign.zip(manifestFile, signatureFile, outputFile);
+}
+exports.createSignatureArchive = createSignatureArchive;
 async function packageCommand(options = {}) {
@@ -1371,0 +1384,0 @@ const cwd = options.cwd || process.cwd();

out/publish.js

@@ -52,2 +52,7 @@ "use strict";
         }
+        if (options.manifestPath || options.signaturePath) {
+            if (options.packagePath.length !== options.manifestPath?.length || options.packagePath.length !== options.signaturePath?.length) {
+                throw new Error(`Either all packages must be signed or none of them.`);
+            }
+        }
         for (let index = 0; index < options.packagePath.length; index++) {
@@ -76,3 +81,9 @@ const packagePath = options.packagePath[index];
             validateMarketplaceRequirements(vsix.manifest, options);
-            let sigzipPath = options.sigzipPath?.[index];
+            let sigzipPath;
+            if (options.manifestPath?.[index] && options.signaturePath?.[index]) {
+                sigzipPath = await (0, package_1.createSignatureArchive)(options.manifestPath[index], options.signaturePath[index]);
+            }
+            if (!sigzipPath) {
+                sigzipPath = options.sigzipPath?.[index];
+            }
             if (!sigzipPath && options.signTool) {
@@ -79,0 +90,0 @@ sigzipPath = await (0, package_1.signPackage)(packagePath, options.signTool);

package.json

 {
 	"name": "@vscode/vsce",
-	"version": "2.27.0",
+	"version": "2.27.1-0",
 	"description": "VS Code Extensions Manager",
@@ -5,0 +5,0 @@ "repository": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

165119

increased by1.27%

Lines of code

3326

increased by1.09%

Worsened metrics

Number of low quality alerts

1

increased byInfinity%

No dependency changes