Socket
Socket
Sign inDemoInstall

npm-package-arg

Package Overview
Dependencies
6
Maintainers
6
Versions
49
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 8.1.2 to 8.1.3

142

npa.js

@@ -6,12 +6,8 @@ 'use strict'

let url
let HostedGit
let semver
let path_
function path () {
if (!path_) path_ = require('path')
return path_
}
let validatePackageName
let os
const url = require('url')
const HostedGit = require('hosted-git-info')
const semver = require('semver')
const path = require('path')
const validatePackageName = require('validate-npm-package-name')
const { homedir } = require('os')

@@ -28,29 +24,26 @@ const isWindows = process.platform === 'win32' || global.FAKE_WINDOWS

if (typeof arg === 'object') {
if (arg instanceof Result && (!where || where === arg.where)) {
if (arg instanceof Result && (!where || where === arg.where))
return arg
} else if (arg.name && arg.rawSpec) {
else if (arg.name && arg.rawSpec)
return npa.resolve(arg.name, arg.rawSpec, where || arg.where)
} else {
else
return npa(arg.raw, where || arg.where)
}
}
const nameEndsAt = arg[0] === '@' ? arg.slice(1).indexOf('@') + 1 : arg.indexOf('@')
const namePart = nameEndsAt > 0 ? arg.slice(0, nameEndsAt) : arg
if (isURL.test(arg)) {
if (isURL.test(arg))
spec = arg
} else if (isGit.test(arg)) {
else if (isGit.test(arg))
spec = `git+ssh://${arg}`
} else if (namePart[0] !== '@' && (hasSlashes.test(namePart) || isFilename.test(namePart))) {
else if (namePart[0] !== '@' && (hasSlashes.test(namePart) || isFilename.test(namePart)))
spec = arg
} else if (nameEndsAt > 0) {
else if (nameEndsAt > 0) {
name = namePart
spec = arg.slice(nameEndsAt + 1)
} else {
if (!validatePackageName) validatePackageName = require('validate-npm-package-name')
const valid = validatePackageName(arg)
if (valid.validForOldPackages) {
if (valid.validForOldPackages)
name = arg
} else {
else
spec = arg
}
}

@@ -67,23 +60,25 @@ return resolve(name, spec, where, arg)

rawSpec: spec,
fromArgument: arg != null
fromArgument: arg != null,
})
if (name) res.setName(name)
if (name)
res.setName(name)
if (spec && (isFilespec.test(spec) || /^file:/i.test(spec))) {
if (spec && (isFilespec.test(spec) || /^file:/i.test(spec)))
return fromFile(res, where)
} else if (spec && /^npm:/i.test(spec)) {
else if (spec && /^npm:/i.test(spec))
return fromAlias(res, where)
}
if (!HostedGit) HostedGit = require('hosted-git-info')
const hosted = HostedGit.fromUrl(spec, { noGitPlus: true, noCommittish: true })
if (hosted) {
const hosted = HostedGit.fromUrl(spec, {
noGitPlus: true,
noCommittish: true,
})
if (hosted)
return fromHostedGit(res, hosted)
} else if (spec && isURL.test(spec)) {
else if (spec && isURL.test(spec))
return fromURL(res)
} else if (spec && (hasSlashes.test(spec) || isFilename.test(spec))) {
else if (spec && (hasSlashes.test(spec) || isFilename.test(spec)))
return fromFile(res, where)
} else {
else
return fromRegistry(res)
}
}

@@ -106,7 +101,7 @@

this.where = opts.where
if (opts.raw == null) {
if (opts.raw == null)
this.raw = opts.name ? opts.name + '@' + opts.rawSpec : opts.rawSpec
} else {
else
this.raw = opts.raw
}
this.name = undefined

@@ -118,3 +113,4 @@ this.escapedName = undefined

this.fetchSpec = opts.fetchSpec
if (opts.name) this.setName(opts.name)
if (opts.name)
this.setName(opts.name)
this.gitRange = opts.gitRange

@@ -126,7 +122,6 @@ this.gitCommittish = opts.gitCommittish

Result.prototype.setName = function (name) {
if (!validatePackageName) validatePackageName = require('validate-npm-package-name')
const valid = validatePackageName(name)
if (!valid.validForOldPackages) {
if (!valid.validForOldPackages)
throw invalidPackageName(name, valid)
}
this.name = name

@@ -141,5 +136,7 @@ this.scope = name[0] === '@' ? name.slice(0, name.indexOf('/')) : undefined

const full = []
if (this.name != null && this.name !== '') full.push(this.name)
if (this.name != null && this.name !== '')
full.push(this.name)
const spec = this.saveSpec || this.fetchSpec || this.rawSpec
if (spec != null && spec !== '') full.push(spec)
if (spec != null && spec !== '')
full.push(spec)
return full.length ? full.join('@') : this.raw

@@ -158,5 +155,5 @@ }

res.gitCommittish = null
} else {
} else
res.gitCommittish = committish === '' ? null : committish
}
return res

@@ -168,9 +165,12 @@ }

function resolvePath (where, spec) {
if (isAbsolutePath.test(spec)) return spec
return path().resolve(where, spec)
if (isAbsolutePath.test(spec))
return spec
return path.resolve(where, spec)
}
function isAbsolute (dir) {
if (dir[0] === '/') return true
if (/^[A-Za-z]:/.test(dir)) return true
if (dir[0] === '/')
return true
if (/^[A-Za-z]:/.test(dir))
return true
return false

@@ -180,3 +180,4 @@ }

function fromFile (res, where) {
if (!where) where = process.cwd()
if (!where)
where = process.cwd()
res.type = isFilename.test(res.rawSpec) ? 'file' : 'directory'

@@ -190,12 +191,10 @@ res.where = where

// this is needed for windows and for file:~/foo/bar
if (!os) os = require('os')
res.fetchSpec = resolvePath(os.homedir(), spec.slice(2))
res.fetchSpec = resolvePath(homedir(), spec.slice(2))
res.saveSpec = 'file:' + spec
} else {
res.fetchSpec = resolvePath(where, spec)
if (isAbsolute(spec)) {
if (isAbsolute(spec))
res.saveSpec = 'file:' + spec
} else {
res.saveSpec = 'file:' + path().relative(where, res.fetchSpec)
}
else
res.saveSpec = 'file:' + path.relative(where, res.fetchSpec)
}

@@ -231,3 +230,3 @@ return res

fetchSpec: matched[1],
gitCommittish: matched[2] == null ? null : matched[2]
gitCommittish: matched[2] == null ? null : matched[2],
}

@@ -237,3 +236,3 @@ }

function fromURL (res) {
if (!url) url = require('url')
// eslint-disable-next-line node/no-deprecated-api
const urlparse = url.parse(res.rawSpec)

@@ -249,5 +248,6 @@ res.saveSpec = res.rawSpec

case 'git+file:':
case 'git+ssh:':
case 'git+ssh:': {
res.type = 'git'
const match = urlparse.protocol === 'git+ssh:' && matchGitScp(res.rawSpec)
const match = urlparse.protocol === 'git+ssh:' ? matchGitScp(res.rawSpec)
: null
if (match) {

@@ -268,2 +268,3 @@ setGitCommittish(res, match.gitCommittish)

break
}
case 'http:':

@@ -284,8 +285,8 @@ case 'https:':

const subSpec = npa(res.rawSpec.substr(4), where)
if (subSpec.type === 'alias') {
if (subSpec.type === 'alias')
throw new Error('nested aliases not supported')
}
if (!subSpec.registry) {
if (!subSpec.registry)
throw new Error('aliases only work for registry deps')
}
res.subSpec = subSpec

@@ -301,3 +302,3 @@ res.registry = true

res.registry = true
const spec = res.rawSpec === '' ? 'latest' : res.rawSpec
const spec = res.rawSpec === '' ? 'latest' : res.rawSpec.trim()
// no save spec for registry components as we save based on the fetched

@@ -307,13 +308,12 @@ // version, not on the argument so this can't compute that.

res.fetchSpec = spec
if (!semver) semver = require('semver')
const version = semver.valid(spec, true)
const range = semver.validRange(spec, true)
if (version) {
if (version)
res.type = 'version'
} else if (range) {
else if (range)
res.type = 'range'
} else {
if (encodeURIComponent(spec) !== spec) {
else {
if (encodeURIComponent(spec) !== spec)
throw invalidTagName(spec)
}
res.type = 'tag'

@@ -320,0 +320,0 @@ }

12

package.json
{
"name": "npm-package-arg",
"version": "8.1.2",
"version": "8.1.3",
"description": "Parse the things that can be arguments to `npm install`",

@@ -18,3 +18,4 @@ "main": "npa.js",

"devDependencies": {
"tap": "^14.11.0"
"@npmcli/lint": "^1.0.1",
"tap": "^15.0.9"
},

@@ -26,3 +27,8 @@ "scripts": {

"test": "tap",
"snap": "tap"
"snap": "tap",
"npmclilint": "npmcli-lint",
"lint": "npm run npmclilint -- \"*.*js\" \"test/**/*.*js\"",
"lintfix": "npm run lint -- --fix",
"posttest": "npm run lint --",
"postsnap": "npm run lintfix --"
},

@@ -29,0 +35,0 @@ "repository": {

CHANGELOG.md
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc