beachball - npm Package Compare versions

Comparing version 2.32.1 to 2.32.2

lib/commands/canary.js

@@ -24,3 +24,3 @@ "use strict";
     }
-    const packageVersions = await listPackageVersions_1.listPackageVersions([...bumpInfo.modifiedPackages], options.registry);
+    const packageVersions = await listPackageVersions_1.listPackageVersions([...bumpInfo.modifiedPackages], options);
     for (const pkg of bumpInfo.modifiedPackages) {
@@ -27,0 +27,0 @@ let newVersion = oldPackageInfo[pkg].version;

lib/commands/publish.js

@@ -62,3 +62,3 @@ "use strict";
     if (options.new) {
-        bumpInfo.newPackages = new Set(await getNewPackages_1.getNewPackages(bumpInfo, options.registry));
+        bumpInfo.newPackages = new Set(await getNewPackages_1.getNewPackages(bumpInfo, options));
     }
@@ -65,0 +65,0 @@ // Step 1. Bump + npm publish

lib/commands/sync.js

@@ -17,3 +17,3 @@ "use strict";
     const infos = new Map(Object.entries(packageInfos).filter(([pkg, info]) => !info.private && scopedPackages.has(pkg)));
-    const publishedVersions = await listPackageVersions_1.listPackageVersionsByTag([...infos.values()], options.registry, options.tag, options.token, options.authType);
+    const publishedVersions = await listPackageVersions_1.listPackageVersionsByTag([...infos.values()], options.tag, options);
     const modifiedPackages = new Set();
@@ -20,0 +20,0 @@ for (const [pkg, info] of infos.entries()) {

lib/options/getCliOptions.js

@@ -13,3 +13,3 @@ "use strict";
     if (argv === process.argv) {
-        if (!cachedCliOptions) {
+        if (process.env.BEACHBALL_DISABLE_CACHE || !cachedCliOptions) {
             cachedCliOptions = getCliOptionsUncached(process.argv);
@@ -16,0 +16,0 @@ }

lib/options/getRepoOptions.js

@@ -9,3 +9,3 @@ "use strict";
     const { configPath, path: cwd, branch } = cliOptions;
-    if (cachedRepoOptions.has(cliOptions)) {
+    if (!process.env.BEACHBALL_DISABLE_CACHE && cachedRepoOptions.has(cliOptions)) {
         return cachedRepoOptions.get(cliOptions);
@@ -12,0 +12,0 @@ }

lib/packageManager/listPackageVersions.d.ts

 import { PackageInfo } from '../types/PackageInfo';
-import { AuthType } from '../types/Auth';
-export declare function getNpmPackageInfo(packageName: string, registry: string, token?: string, authType?: AuthType): Promise<any>;
-export declare function listPackageVersionsByTag(packageInfos: PackageInfo[], registry: string, tag: string, token?: string, authType?: AuthType): Promise<{
+import { NpmOptions } from '../types/NpmOptions';
+export declare function listPackageVersionsByTag(packageInfos: PackageInfo[], tag: string | undefined, options: NpmOptions): Promise<{
     [pkg: string]: string;
 }>;
-export declare function listPackageVersions(packageList: string[], registry: string): Promise<{
+export declare function listPackageVersions(packageList: string[], options: NpmOptions): Promise<{
     [pkg: string]: string[];
 }>;
 //# sourceMappingURL=listPackageVersions.d.ts.map

lib/packageManager/listPackageVersions.js

@@ -6,48 +6,40 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.listPackageVersions = exports.listPackageVersionsByTag = exports.getNpmPackageInfo = void 0;
+exports.listPackageVersions = exports.listPackageVersionsByTag = void 0;
 const npm_1 = require("./npm");
 const p_limit_1 = __importDefault(require("p-limit"));
-const packageVersions = {};
+const packageVersionsCache = {};
 const NPM_CONCURRENCY = 5;
-async function getNpmPackageInfo(packageName, registry, token, authType) {
-    if (!packageVersions[packageName]) {
+async function getNpmPackageInfo(packageName, options) {
+    const { registry, token, authType, timeout } = options;
+    if (process.env.BEACHBALL_DISABLE_CACHE || !packageVersionsCache[packageName]) {
         const args = ['show', '--registry', registry, '--json', packageName, ...npm_1.getNpmAuthArgs(registry, token, authType)];
-        const showResult = await npm_1.npmAsync(args);
+        const showResult = await npm_1.npmAsync(args, { timeout });
         if (showResult.success && showResult.stdout !== '') {
             const packageInfo = JSON.parse(showResult.stdout);
-            packageVersions[packageName] = packageInfo;
+            packageVersionsCache[packageName] = packageInfo;
         }
         else {
-            packageVersions[packageName] = {};
+            packageVersionsCache[packageName] = {};
         }
     }
-    return packageVersions[packageName];
+    return packageVersionsCache[packageName];
 }
-exports.getNpmPackageInfo = getNpmPackageInfo;
-async function listPackageVersionsByTag(packageInfos, registry, tag, token, authType) {
+async function listPackageVersionsByTag(packageInfos, tag, options) {
     const limit = p_limit_1.default(NPM_CONCURRENCY);
-    const all = [];
     const versions = {};
-    for (const pkg of packageInfos) {
-        all.push(limit(async () => {
-            const info = await getNpmPackageInfo(pkg.name, registry, token, authType);
-            const npmTag = tag || pkg.combinedOptions.tag || pkg.combinedOptions.defaultNpmTag;
-            versions[pkg.name] = info['dist-tags'] && info['dist-tags'][npmTag] ? info['dist-tags'][npmTag] : undefined;
-        }));
-    }
-    await Promise.all(all);
+    await Promise.all(packageInfos.map(pkg => limit(async () => {
+        const info = await getNpmPackageInfo(pkg.name, options);
+        const npmTag = tag || pkg.combinedOptions.tag || pkg.combinedOptions.defaultNpmTag;
+        versions[pkg.name] = info['dist-tags'] && info['dist-tags'][npmTag] ? info['dist-tags'][npmTag] : undefined;
+    })));
     return versions;
 }
 exports.listPackageVersionsByTag = listPackageVersionsByTag;
-async function listPackageVersions(packageList, registry) {
+async function listPackageVersions(packageList, options) {
     const limit = p_limit_1.default(NPM_CONCURRENCY);
-    const all = [];
     const versions = {};
-    for (const pkg of packageList) {
-        all.push(limit(async () => {
-            const info = await getNpmPackageInfo(pkg, registry);
-            versions[pkg] = info && info.versions ? info.versions : [];
-        }));
-    }
-    await Promise.all(all);
+    await Promise.all(packageList.map(pkg => limit(async () => {
+        const info = await getNpmPackageInfo(pkg, options);
+        versions[pkg] = info && info.versions ? info.versions : [];
+    })));
     return versions;
@@ -54,0 +46,0 @@ }

lib/packageManager/packagePublish.d.ts

 import { PackageInfo } from '../types/PackageInfo';
-import { AuthType } from '../types/Auth';
-export declare function packagePublish(packageInfo: PackageInfo, registry: string, token: string, access: string, authType?: AuthType, timeout?: number | undefined, gitTimeout?: number | undefined): Promise<import("execa").ExecaReturnValue<string> & {
+import { NpmOptions } from '../types/NpmOptions';
+export declare function packagePublish(packageInfo: PackageInfo, options: NpmOptions): Promise<import("execa").ExecaReturnValue<string> & {
     success: boolean;
 }>;
 //# sourceMappingURL=packagePublish.d.ts.map

lib/packageManager/packagePublish.js

@@ -9,3 +9,4 @@ "use strict";
 const npm_1 = require("./npm");
-function packagePublish(packageInfo, registry, token, access, authType, timeout, gitTimeout) {
+function packagePublish(packageInfo, options) {
+    const { registry, token, authType, access, timeout } = options;
     const packageOptions = packageInfo.combinedOptions;
@@ -12,0 +13,0 @@ const packagePath = path_1.default.dirname(packageInfo.packageJsonPath);

lib/publish/getNewPackages.d.ts

 import { BumpInfo } from '../types/BumpInfo';
-export declare function getNewPackages(bumpInfo: BumpInfo, registry: string): Promise<string[]>;
+import { NpmOptions } from '../types/NpmOptions';
+export declare function getNewPackages(bumpInfo: BumpInfo, options: NpmOptions): Promise<string[]>;
 //# sourceMappingURL=getNewPackages.d.ts.map

lib/publish/getNewPackages.js

@@ -5,6 +5,6 @@ "use strict";
 const listPackageVersions_1 = require("../packageManager/listPackageVersions");
-async function getNewPackages(bumpInfo, registry) {
+async function getNewPackages(bumpInfo, options) {
     const { modifiedPackages, packageInfos } = bumpInfo;
     const newPackages = Object.keys(packageInfos).filter(pkg => !modifiedPackages.has(pkg));
-    const publishedVersions = await listPackageVersions_1.listPackageVersions(newPackages, registry);
+    const publishedVersions = await listPackageVersions_1.listPackageVersions(newPackages, options);
     return newPackages.filter(pkg => {
@@ -11,0 +11,0 @@ const packageInfo = packageInfos[pkg];

lib/publish/publishToRegistry.js

@@ -18,3 +18,2 @@ "use strict";
 async function publishToRegistry(originalBumpInfo, options) {
-    const { registry, token, access, timeout, authType } = options;
     const bumpInfo = lodash_1.default.cloneDeep(originalBumpInfo);
@@ -27,3 +26,3 @@ const { modifiedPackages, newPackages, packageInfos } = bumpInfo;
     let invalid = false;
-    if (!(await validatePackageVersions_1.validatePackageVersions(bumpInfo, registry))) {
+    if (!(await validatePackageVersions_1.validatePackageVersions(bumpInfo, options))) {
         displayManualRecovery_1.displayManualRecovery(bumpInfo, succeededPackages);
@@ -72,3 +71,3 @@ invalid = true;
         do {
-            result = await packagePublish_1.packagePublish(packageInfo, registry, token, access, authType, timeout);
+            result = await packagePublish_1.packagePublish(packageInfo, options);
             if (result.success) {
@@ -75,0 +74,0 @@ console.log('Published!');

lib/publish/validatePackageVersions.d.ts

 import { BumpInfo } from '../types/BumpInfo';
+import { NpmOptions } from '../types/NpmOptions';
 /**
  * Validate a package being published is not already published.
  */
-export declare function validatePackageVersions(bumpInfo: BumpInfo, registry: string): Promise<boolean>;
+export declare function validatePackageVersions(bumpInfo: BumpInfo, options: NpmOptions): Promise<boolean>;
 //# sourceMappingURL=validatePackageVersions.d.ts.map

lib/publish/validatePackageVersions.js

@@ -9,3 +9,3 @@ "use strict";
  */
-async function validatePackageVersions(bumpInfo, registry) {
+async function validatePackageVersions(bumpInfo, options) {
     let hasErrors = false;
@@ -20,3 +20,3 @@ const packages = [...bumpInfo.modifiedPackages].filter(pkg => {
     });
-    const publishedVersions = await listPackageVersions_1.listPackageVersions(packages, registry);
+    const publishedVersions = await listPackageVersions_1.listPackageVersions(packages, options);
     for (const pkg of packages) {
@@ -23,0 +23,0 @@ const packageInfo = bumpInfo.packageInfos[pkg];

lib/types/BeachballOptions.d.ts

@@ -22,3 +22,5 @@ import { AuthType } from './Auth';
     package?: string | string[];
+    /** Timeout for npm operations (other than install, which is expected to take longer) */
     timeout?: number;
+    /** Timeout for `git push` operations */
     gitTimeout?: number;
@@ -25,0 +27,0 @@ token: string;

package.json

 {
   "name": "beachball",
-  "version": "2.32.1",
+  "version": "2.32.2",
   "description": "The Sunniest Semantic Version Bumper",
@@ -58,6 +58,6 @@ "repository": {
   "devDependencies": {
-    "@jest/globals": "^28.1.3",
+    "@jest/globals": "^29.0.0",
     "@types/fs-extra": "^9.0.13",
     "@types/lodash": "^4.14.191",
-    "@types/minimatch": "^3.0.5",
+    "@types/minimatch": "^5.0.0",
     "@types/node": "^14.0.0",
@@ -68,8 +68,8 @@ "@types/prompts": "^2.4.2",
     "@types/toposort": "^2.0.3",
-    "@types/uuid": "^8.3.4",
+    "@types/uuid": "^9.0.0",
     "@types/yargs-parser": "^21.0.0",
     "find-free-port": "^2.0.0",
-    "gh-pages": "^4.0.0",
-    "jest": "^28.1.3",
-    "jest-mock": "^28.1.3",
+    "gh-pages": "^5.0.0",
+    "jest": "^29.0.0",
+    "jest-mock": "^29.0.0",
     "normalized-tmpdir": "^1.0.1",
@@ -79,3 +79,3 @@ "prettier": "~2.8.4",
     "tmp": "^0.2.1",
-    "ts-jest": "^28.0.8",
+    "ts-jest": "^29.0.0",
     "typescript": "~4.3.5",
@@ -82,0 +82,0 @@ "verdaccio": "^4.13.2",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

318454

increased by0.07%

Number of package files

304

increased by1.33%

Worsened metrics

Lines of code

3958

decreased by-0.03%

Number of low supply chain risk alerts

13

increased by30%

No dependency changes