Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

containerify

Package Overview
Dependencies
Maintainers
1
Versions
20
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

containerify - npm Package Compare versions

Comparing version
3.3.1
 to
3.3.2
+19
-33
lib/appLayerCreator.js

@@ -25,35 +25,21 @@ "use strict";

const ignore = [".git", ".gitignore", ".npmrc", ".DS_Store", "npm-debug.log", ".svn", ".hg", "CVS"];
function statCache(layerOwner) {
function createOnWriteEntry(layerOwner) {
if (!layerOwner)
return null;
// We use the stat cache to overwrite uid and gid in image.
// A bit hacky
const statCacheMap = new Map();
const a = layerOwner.split(":");
const gid = parseInt(a[0]);
const uid = parseInt(a[1]);
return {
get: function (name) {
if (statCacheMap.has(name))
return statCacheMap.get(name);
const stat = fss.statSync(name);
stat.uid = uid;
stat.gid = gid;
stat.atime = new Date(0);
stat.mtime = new Date(0);
stat.ctime = new Date(0);
stat.birthtime = new Date(0);
stat.atimeMs = 0;
stat.mtimeMs = 0;
stat.ctimeMs = 0;
stat.birthtimeMs = 0;
statCacheMap.set(name, stat);
return stat;
},
set: function (name, stat) {
statCacheMap.set(name, stat);
},
has: function () {
return true;
},
return undefined;
// We use onWriteEntry to overwrite uid and gid in the tar archive
// Format is already validated in cli.ts to be "gid:uid"
const parts = layerOwner.split(":");
const gid = parseInt(parts[0], 10);
const uid = parseInt(parts[1], 10);
return (entry) => {
if (entry.header) {
entry.header.uid = uid;
entry.header.gid = gid;
entry.header.uname = "";
entry.header.gname = "";
// Set all timestamps to epoch to match original behavior
entry.header.atime = new Date(0);
entry.header.mtime = new Date(0);
entry.header.ctime = new Date(0);
}
};

@@ -131,3 +117,3 @@ }

}
yield tar.create(Object.assign(Object.assign({}, tarDefaultConfig), Object.assign({ statCache: statCache(options.layerOwner), portable: !options.layerOwner, prefix: "/", cwd: buildDir, file: layerFile, gzip: true, noMtime: !(options.setTimeStamp || options.preserveTimeStamp) }, (options.setTimeStamp ? { mtime: new Date(options.setTimeStamp) } : {}))), filesToTar);
yield tar.create(Object.assign(Object.assign({}, tarDefaultConfig), Object.assign({ onWriteEntry: createOnWriteEntry(options.layerOwner), portable: !options.layerOwner, prefix: "/", cwd: buildDir, file: layerFile, gzip: true, noMtime: !(options.setTimeStamp || options.preserveTimeStamp) }, (options.setTimeStamp ? { mtime: new Date(options.setTimeStamp) } : {}))), filesToTar);
const fhash = yield calculateHash(layerFile);

@@ -134,0 +120,0 @@ const finalName = path.join(todir, fhash + ".tar.gz");

+9
-4
lib/httpRequest.js

@@ -23,3 +23,2 @@ "use strict";

const http = require("http");
const URL = require("url");
const logger_1 = require("./logger");

@@ -32,5 +31,11 @@ const types_1 = require("./types");

function createHttpOptions(method, url, headers) {
const options = Object.assign({}, URL.parse(url));
options.headers = headers;
options.method = method;
const parsedUrl = new URL(url);
const options = {
protocol: parsedUrl.protocol,
hostname: parsedUrl.hostname,
port: parsedUrl.port,
path: parsedUrl.pathname + parsedUrl.search,
headers: headers,
method: method,
};
if (url.includes("X-Amz-Algorithm") && method == "GET") {

@@ -37,0 +42,0 @@ //We are using a pre-signed URL, so we don't need to send the Authorization header

+10
-5
lib/registry.js

@@ -15,3 +15,2 @@ "use strict";

exports.parseFullImageUrl = parseFullImageUrl;
const URL = require("url");
const fss = require("fs");

@@ -134,3 +133,3 @@ const fs_1 = require("fs");

return __awaiter(this, void 0, void 0, function* () {
const { hostname } = new URL.URL(registryBaseUrl);
const { hostname } = new URL(registryBaseUrl);
const image = (0, utils_1.parseImage)(imagePath);

@@ -187,4 +186,10 @@ if ((hostname === null || hostname === void 0 ? void 0 : hostname.endsWith(".docker.io")) && !token)

const url = `${registryBaseUrl}${image.path}/blobs/uploads/${parameters.size > 0 ? "?" + parameters : ""}`;
const options = URL.parse(url);
options.method = "POST";
const parsedUrl = new URL(url);
const options = {
protocol: parsedUrl.protocol,
hostname: parsedUrl.hostname,
port: parsedUrl.port,
path: parsedUrl.pathname + parsedUrl.search,
method: "POST",
};
if (token)

@@ -201,3 +206,3 @@ options.headers = { authorization: token };

else {
const regURL = URL.parse(registryBaseUrl);
const regURL = new URL(registryBaseUrl);
resolve({

@@ -204,0 +209,0 @@ uploadUrl: `${regURL.protocol}//${regURL.hostname}${regURL.port ? ":" + regURL.port : ""}${location}`,

+1
-1
lib/version.d.ts

@@ -1,1 +0,1 @@

export declare const VERSION = "3.3.1";
export declare const VERSION = "3.3.2";
+1
-1
lib/version.js
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.VERSION = void 0;
exports.VERSION = "3.3.1";
exports.VERSION = "3.3.2";
+3
-3
package.json
{
"name": "containerify",
"version": "3.3.1",
"version": "3.3.2",
"description": "Build node.js docker images without docker",

@@ -40,4 +40,4 @@ "main": "./lib/cli.js",

"commander": "^13.1.0",
"fs-extra": "^11.3.0",
"tar": "^6.2.1"
"fs-extra": "^11.3.2",
"tar": "^7.5.7"
},

@@ -44,0 +44,0 @@ "devDependencies": {