lockfile-lint-api
Advanced tools
Comparing version 1.0.1 to 1.0.4
@@ -21,3 +21,2 @@ const ValidatorHost = require('../src/validators/ValidateHost') | ||
it('validator should fail if not allowed host is used for a resource', () => { | ||
const failedPackage = '@babel/code-frame' | ||
const mockedPackages = { | ||
@@ -36,5 +35,15 @@ '@babel/code-frame': { | ||
const validator = new ValidatorHost({packages: mockedPackages}) | ||
expect(() => { | ||
validator.validate(['npm']) | ||
}).toThrowError(`detected invalid origin for package: ${failedPackage}`) | ||
expect(validator.validate(['npm'])).toEqual({ | ||
type: 'error', | ||
errors: [ | ||
{ | ||
message: 'detected invalid origin for package: @babel/code-frame', | ||
package: '@babel/code-frame' | ||
}, | ||
{ | ||
message: 'detected invalid origin for package: meow', | ||
package: 'meow' | ||
} | ||
] | ||
}) | ||
}) | ||
@@ -41,0 +50,0 @@ |
@@ -31,5 +31,11 @@ const ValidatorHTTPS = require('../src/validators/ValidateHttps') | ||
const validator = new ValidatorHTTPS({packages: mockedPackages}) | ||
expect(() => { | ||
validator.validate() | ||
}).toThrowError(`detected non-https protocol used for package: ${failedPackage}`) | ||
expect(validator.validate()).toEqual({ | ||
type: 'error', | ||
errors: [ | ||
{ | ||
message: `detected non-https protocol used for package: ${failedPackage}`, | ||
package: failedPackage | ||
} | ||
] | ||
}) | ||
}) | ||
@@ -51,6 +57,7 @@ | ||
const validator = new ValidatorHTTPS({packages: mockedPackages}) | ||
expect(() => { | ||
validator.validate() | ||
}).not.toThrow() | ||
expect(validator.validate()).toEqual({ | ||
type: 'success', | ||
errors: [] | ||
}) | ||
}) | ||
}) |
@@ -6,2 +6,38 @@ # Change Log | ||
## [1.0.4](https://github.com/lirantal/lockfile-lint/compare/lockfile-lint-api@1.0.1...lockfile-lint-api@1.0.4) (2019-06-18) | ||
### Bug Fixes | ||
* **keywords:** use proper package keywords format when publishing to npm ([bf05a80](https://github.com/lirantal/lockfile-lint/commit/bf05a80)) | ||
* **tests:** cleanup unnecessary function call ([49cbe72](https://github.com/lirantal/lockfile-lint/commit/49cbe72)) | ||
## [1.0.3](https://github.com/lirantal/lockfile-lint/compare/lockfile-lint-api@1.0.1...lockfile-lint-api@1.0.3) (2019-06-18) | ||
### Bug Fixes | ||
* **keywords:** use proper package keywords format when publishing to npm ([bf05a80](https://github.com/lirantal/lockfile-lint/commit/bf05a80)) | ||
* **tests:** cleanup unnecessary function call ([49cbe72](https://github.com/lirantal/lockfile-lint/commit/49cbe72)) | ||
## [1.0.2](https://github.com/lirantal/lockfile-lint/compare/lockfile-lint-api@1.0.1...lockfile-lint-api@1.0.2) (2019-06-18) | ||
### Bug Fixes | ||
* **keywords:** use proper package keywords format when publishing to npm ([bf05a80](https://github.com/lirantal/lockfile-lint/commit/bf05a80)) | ||
* **tests:** cleanup unnecessary function call ([49cbe72](https://github.com/lirantal/lockfile-lint/commit/49cbe72)) | ||
## 1.0.1 (2019-06-11) | ||
@@ -8,0 +44,0 @@ |
{ | ||
"name": "lockfile-lint-api", | ||
"version": "1.0.1", | ||
"version": "1.0.4", | ||
"description": "Lint an npm or yarn lockfile to analyze and detect issues", | ||
@@ -35,3 +35,10 @@ "main": "index.js", | ||
"keywords": [ | ||
"lockfile, lock file, lint, linter, parse, npm, yarn" | ||
"lockfile", | ||
"lock", | ||
"file", | ||
"lint", | ||
"linter", | ||
"parse", | ||
"npm", | ||
"yarn" | ||
], | ||
@@ -172,3 +179,3 @@ "homepage": "https://github.com/lirantal/lockfile-lint", | ||
}, | ||
"gitHead": "f48a1bf4cd0d2fcacef9cb331c6c15ec0926c39b" | ||
"gitHead": "85dbcdc5d12d314bfeb2d02149beec0d63ddd458" | ||
} |
@@ -44,2 +44,65 @@ <p align="center"><h1 align="center"> | ||
## Success and failures | ||
When validators encounter errors they will throw an exception, and on either success or failure in validating data they will always return a descriptive object for the validation task. | ||
### Successful validation | ||
When validation is successful the following object will be returned from the validating function: | ||
```json | ||
{ | ||
"type": "success", | ||
"errors": [] | ||
} | ||
``` | ||
### Failed validation | ||
When validation has failed the following object will be returned from the validating function: | ||
```json | ||
{ | ||
"type": "error", | ||
"errors": [ | ||
{ | ||
"package": "@babel/cli", | ||
"message": "detected invalid origin for package: @babel/cli" | ||
} | ||
] | ||
} | ||
``` | ||
Notes about the returned object: | ||
- An errors object will always return an array of errors metadata, even if there's only one error associated with the validation being performed | ||
- All errors should always have a message | ||
- The availability of the `package` property and other metadata depends on the specific validators being used | ||
### Example | ||
```js | ||
const validator = new ValidateHost({packages: lockfile.object}) | ||
let result | ||
try { | ||
result = validator.validate(['npm']) | ||
} catch (error) { | ||
// something bad happened during validation and the validation | ||
// process couldn't take place | ||
} | ||
console.log(result) | ||
/* prints | ||
{ | ||
"type": "error", | ||
"errors": [ | ||
{ | ||
"message": "detected invalid origin for package: meow", | ||
"package": "meow" | ||
} | ||
] | ||
} | ||
*/ | ||
``` | ||
# Example | ||
@@ -68,2 +131,3 @@ | ||
const validator = new ValidateHost({packages: lockfile.object}) | ||
let result | ||
try { | ||
@@ -74,6 +138,10 @@ // validation is synchronous and is being called | ||
// whitelisted to the npm host | ||
validator.validate(['npm']) | ||
result = validator.validate(['npm']) | ||
} catch (error) { | ||
// may throw an error: detected invalid origin for package | ||
// couldn't process the validation | ||
} | ||
if (result.type === 'success') { | ||
// validation succeeded | ||
} | ||
``` | ||
@@ -80,0 +148,0 @@ |
@@ -25,2 +25,7 @@ 'use strict' | ||
let validationResult = { | ||
type: 'success', | ||
errors: [] | ||
} | ||
for (const [packageName, packageMetadata] of Object.entries(this.packages)) { | ||
@@ -35,8 +40,16 @@ const packageResolvedURL = new URL(packageMetadata.resolved) | ||
if (allowedHosts.indexOf(packageResolvedURL.origin) === -1) { | ||
throw new Error(`detected invalid origin for package: ${packageName}`) | ||
// throw new Error(`detected invalid origin for package: ${packageName}`) | ||
validationResult.errors.push({ | ||
message: `detected invalid origin for package: ${packageName}`, | ||
package: packageName | ||
}) | ||
} | ||
} | ||
return true | ||
if (validationResult.errors.length !== 0) { | ||
validationResult.type = 'error' | ||
} | ||
return validationResult | ||
} | ||
} |
@@ -17,2 +17,7 @@ 'use strict' | ||
validate () { | ||
let validationResult = { | ||
type: 'success', | ||
errors: [] | ||
} | ||
for (const [packageName, packageMetadata] of Object.entries(this.packages)) { | ||
@@ -22,8 +27,15 @@ const packageResolvedURL = new URL(packageMetadata.resolved) | ||
if (packageResolvedURL.protocol !== HTTPS_PROTOCOL) { | ||
throw new Error(`detected non-https protocol used for package: ${packageName}`) | ||
validationResult.errors.push({ | ||
message: `detected non-https protocol used for package: ${packageName}`, | ||
package: packageName | ||
}) | ||
} | ||
} | ||
return true | ||
if (validationResult.errors.length !== 0) { | ||
validationResult.type = 'error' | ||
} | ||
return validationResult | ||
} | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
33583
333
153