npm-pick-manifest - npm Package Compare versions

Comparing version 2.2.3 to 5.0.0

CHANGELOG.md

@@ -1,7 +0,65 @@
-# Change Log
+# Changelog
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [5.0.0](https://github.com/npm/npm-pick-manifest/compare/v4.0.0...v5.0.0) (2019-12-15)
+
+
+### ⚠ BREAKING CHANGES
+
+* This drops support for node < 10.
+
+* normalize settings, drop old nodes, update deps ([dc2e61c](https://github.com/npm/npm-pick-manifest/commit/dc2e61cc06bd19e079128e77397df7593741da50))
+
+<a name="4.0.0"></a>
+# [4.0.0](https://github.com/npm/npm-pick-manifest/compare/v3.0.2...v4.0.0) (2019-11-11)
+
+
+### deps
+
+* bump npm-package-arg to v7 ([42c76d8](https://github.com/npm/npm-pick-manifest/commit/42c76d8)), closes [/github.com/npm/hosted-git-info/pull/38#issuecomment-520243803](https://github.com//github.com/npm/hosted-git-info/pull/38/issues/issuecomment-520243803)
+
+
+### BREAKING CHANGES
+
+* this drops support for ancient node versions.
+
+
+
+<a name="3.0.2"></a>
+## [3.0.2](https://github.com/npm/npm-pick-manifest/compare/v3.0.1...v3.0.2) (2019-08-30)
+
+
+
+<a name="3.0.1"></a>
+## [3.0.1](https://github.com/npm/npm-pick-manifest/compare/v3.0.0...v3.0.1) (2019-08-28)
+
+
+### Bug Fixes
+
+* throw 403 for forbidden major/minor versions ([003286e](https://github.com/npm/npm-pick-manifest/commit/003286e)), closes [#2](https://github.com/npm/npm-pick-manifest/issues/2)
+
+
+
+<a name="3.0.0"></a>
+# [3.0.0](https://github.com/npm/npm-pick-manifest/compare/v2.2.3...v3.0.0) (2019-08-20)
+
+
+### Features
+
+* throw forbidden error when package is blocked by policy ([ad2a962](https://github.com/npm/npm-pick-manifest/commit/ad2a962)), closes [#1](https://github.com/npm/npm-pick-manifest/issues/1)
+
+
+### BREAKING CHANGES
+
+* This adds a new error code when package versions are
+blocked.
+
+PR-URL: https://github.com/npm/npm-pick-manifest/pull/1
+Credit: @claudiahdz
+
+
+
 <a name="2.2.3"></a>
-## [2.2.3](https://github.com/zkat/npm-pick-manifest/compare/v2.2.2...v2.2.3) (2018-10-31)
+## [2.2.3](https://github.com/npm/npm-pick-manifest/compare/v2.2.2...v2.2.3) (2018-10-31)
 
@@ -11,3 +69,3 @@
 
-* **enjoyBy:** rework semantics for enjoyBy again ([5e89b62](https://github.com/zkat/npm-pick-manifest/commit/5e89b62))
+* **enjoyBy:** rework semantics for enjoyBy again ([5e89b62](https://github.com/npm/npm-pick-manifest/commit/5e89b62))
 
@@ -17,3 +75,3 @@
 <a name="2.2.2"></a>
-## [2.2.2](https://github.com/zkat/npm-pick-manifest/compare/v2.2.1...v2.2.2) (2018-10-31)
+## [2.2.2](https://github.com/npm/npm-pick-manifest/compare/v2.2.1...v2.2.2) (2018-10-31)
 
@@ -23,3 +81,3 @@
 
-* **enjoyBy:** rework semantics for enjoyBy ([5684f45](https://github.com/zkat/npm-pick-manifest/commit/5684f45))
+* **enjoyBy:** rework semantics for enjoyBy ([5684f45](https://github.com/npm/npm-pick-manifest/commit/5684f45))
 
@@ -29,3 +87,3 @@
 <a name="2.2.1"></a>
-## [2.2.1](https://github.com/zkat/npm-pick-manifest/compare/v2.2.0...v2.2.1) (2018-10-30)
+## [2.2.1](https://github.com/npm/npm-pick-manifest/compare/v2.2.0...v2.2.1) (2018-10-30)
 
@@ -35,3 +93,3 @@
 <a name="2.2.0"></a>
-# [2.2.0](https://github.com/zkat/npm-pick-manifest/compare/v2.1.0...v2.2.0) (2018-10-30)
+# [2.2.0](https://github.com/npm/npm-pick-manifest/compare/v2.1.0...v2.2.0) (2018-10-30)
 
@@ -41,3 +99,3 @@
 
-* **audit:** npm audit fix --force ([d5ae6c4](https://github.com/zkat/npm-pick-manifest/commit/d5ae6c4))
+* **audit:** npm audit fix --force ([d5ae6c4](https://github.com/npm/npm-pick-manifest/commit/d5ae6c4))
 
@@ -47,3 +105,3 @@
 
-* **enjoyBy:** add opts.enjoyBy option to filter versions by date ([0b8a790](https://github.com/zkat/npm-pick-manifest/commit/0b8a790))
+* **enjoyBy:** add opts.enjoyBy option to filter versions by date ([0b8a790](https://github.com/npm/npm-pick-manifest/commit/0b8a790))
 
@@ -53,3 +111,3 @@
 <a name="2.1.0"></a>
-# [2.1.0](https://github.com/zkat/npm-pick-manifest/compare/v2.0.1...v2.1.0) (2017-10-18)
+# [2.1.0](https://github.com/npm/npm-pick-manifest/compare/v2.0.1...v2.1.0) (2017-10-18)
 
@@ -59,3 +117,3 @@
 
-* **selection:** allow manually disabling deprecation skipping ([0d239d3](https://github.com/zkat/npm-pick-manifest/commit/0d239d3))
+* **selection:** allow manually disabling deprecation skipping ([0d239d3](https://github.com/npm/npm-pick-manifest/commit/0d239d3))
 
@@ -65,3 +123,3 @@
 <a name="2.0.1"></a>
-## [2.0.1](https://github.com/zkat/npm-pick-manifest/compare/v2.0.0...v2.0.1) (2017-10-18)
+## [2.0.1](https://github.com/npm/npm-pick-manifest/compare/v2.0.0...v2.0.1) (2017-10-18)
 
@@ -71,3 +129,3 @@
 <a name="2.0.0"></a>
-# [2.0.0](https://github.com/zkat/npm-pick-manifest/compare/v1.0.4...v2.0.0) (2017-10-03)
+# [2.0.0](https://github.com/npm/npm-pick-manifest/compare/v1.0.4...v2.0.0) (2017-10-03)
 
@@ -77,3 +135,3 @@
 
-* **license:** relicense project according to npm policy (#3) ([ed743a0](https://github.com/zkat/npm-pick-manifest/commit/ed743a0))
+* **license:** relicense project according to npm policy (#3) ([ed743a0](https://github.com/npm/npm-pick-manifest/commit/ed743a0))
 
@@ -83,3 +141,3 @@
 
-* **selection:** Avoid matching deprecated packages if possible ([3fc6c3a](https://github.com/zkat/npm-pick-manifest/commit/3fc6c3a))
+* **selection:** Avoid matching deprecated packages if possible ([3fc6c3a](https://github.com/npm/npm-pick-manifest/commit/3fc6c3a))
 
@@ -95,3 +153,3 @@
 <a name="1.0.4"></a>
-## [1.0.4](https://github.com/zkat/npm-pick-manifest/compare/v1.0.3...v1.0.4) (2017-06-29)
+## [1.0.4](https://github.com/npm/npm-pick-manifest/compare/v1.0.3...v1.0.4) (2017-06-29)
 
@@ -101,4 +159,4 @@
 
-* **npa:** bump npa version for bugfixes ([7cdaca7](https://github.com/zkat/npm-pick-manifest/commit/7cdaca7))
-* **semver:** use loose semver parsing for *all* ops ([bbc0daa](https://github.com/zkat/npm-pick-manifest/commit/bbc0daa))
+* **npa:** bump npa version for bugfixes ([7cdaca7](https://github.com/npm/npm-pick-manifest/commit/7cdaca7))
+* **semver:** use loose semver parsing for *all* ops ([bbc0daa](https://github.com/npm/npm-pick-manifest/commit/bbc0daa))
 
@@ -108,3 +166,3 @@
 <a name="1.0.3"></a>
-## [1.0.3](https://github.com/zkat/npm-pick-manifest/compare/v1.0.2...v1.0.3) (2017-05-04)
+## [1.0.3](https://github.com/npm/npm-pick-manifest/compare/v1.0.2...v1.0.3) (2017-05-04)
 
@@ -114,3 +172,3 @@
 
-* **semver:** use semver.clean() instead ([f4133b5](https://github.com/zkat/npm-pick-manifest/commit/f4133b5))
+* **semver:** use semver.clean() instead ([f4133b5](https://github.com/npm/npm-pick-manifest/commit/f4133b5))
 
@@ -120,3 +178,3 @@
 <a name="1.0.2"></a>
-## [1.0.2](https://github.com/zkat/npm-pick-manifest/compare/v1.0.1...v1.0.2) (2017-05-04)
+## [1.0.2](https://github.com/npm/npm-pick-manifest/compare/v1.0.1...v1.0.2) (2017-05-04)
 
@@ -126,3 +184,3 @@
 
-* **picker:** spaces in `wanted` prevented match ([97a7d0a](https://github.com/zkat/npm-pick-manifest/commit/97a7d0a))
+* **picker:** spaces in `wanted` prevented match ([97a7d0a](https://github.com/npm/npm-pick-manifest/commit/97a7d0a))
 
@@ -132,3 +190,3 @@
 <a name="1.0.1"></a>
-## [1.0.1](https://github.com/zkat/npm-pick-manifest/compare/v1.0.0...v1.0.1) (2017-04-24)
+## [1.0.1](https://github.com/npm/npm-pick-manifest/compare/v1.0.0...v1.0.1) (2017-04-24)
 
@@ -138,3 +196,3 @@
 
-* **deps:** forgot to add semver ([1876f4f](https://github.com/zkat/npm-pick-manifest/commit/1876f4f))
+* **deps:** forgot to add semver ([1876f4f](https://github.com/npm/npm-pick-manifest/commit/1876f4f))
 
@@ -149,3 +207,3 @@
 
-* **api:** initial implementation. ([b086912](https://github.com/zkat/npm-pick-manifest/commit/b086912))
+* **api:** initial implementation. ([b086912](https://github.com/npm/npm-pick-manifest/commit/b086912))
 
@@ -152,0 +210,0 @@

index.js

@@ -26,2 +26,5 @@ 'use strict'
   })
+  const policyRestrictions = packument.policyRestrictions
+  const restrictedVersions = policyRestrictions
+    ? Object.keys(policyRestrictions.versions) : []
 
@@ -36,3 +39,3 @@ function enjoyableBy (v) {
 
-  if (!versions.length) {
+  if (!versions.length && !restrictedVersions.length) {
     err = new Error(`No valid versions available for ${packument.name}`)
@@ -98,2 +101,6 @@ err.code = 'ENOVERSIONS'
 
+  if (!target && restrictedVersions) {
+    target = semver.maxSatisfying(restrictedVersions, wanted, true)
+  }
+
   const manifest = (
@@ -104,12 +111,20 @@ target &&
   if (!manifest) {
-    err = new Error(
-      `No matching version found for ${packument.name}@${wanted}${
-        opts.enjoyBy
-          ? ` with an Enjoy By date of ${
-            new Date(opts.enjoyBy).toLocaleString()
-          }. Maybe try a different date?`
-          : ''
-      }`
-    )
-    err.code = 'ETARGET'
+    // Check if target is forbidden
+    const isForbidden = target && policyRestrictions && policyRestrictions.versions[target]
+    const pckg = `${packument.name}@${wanted}${
+      opts.enjoyBy
+        ? ` with an Enjoy By date of ${
+          new Date(opts.enjoyBy).toLocaleString()
+        }. Maybe try a different date?`
+        : ''
+    }`
+
+    if (isForbidden) {
+      err = new Error(`Could not download ${pckg} due to policy violations.\n${policyRestrictions.message}\n`)
+      err.code = 'E403'
+    } else {
+      err = new Error(`No matching version found for ${pckg}.`)
+      err.code = 'ETARGET'
+    }
+
     err.name = packument.name
@@ -116,0 +131,0 @@ err.type = type

package.json

 {
   "name": "npm-pick-manifest",
-  "version": "2.2.3",
+  "version": "5.0.0",
   "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.",
@@ -10,11 +10,10 @@ "main": "index.js",
   "scripts": {
+    "postrelease": "npm publish",
+    "posttest": "standard",
+    "prepublishOnly": "git push --follow-tags",
     "prerelease": "npm t",
-    "postrelease": "npm publish && git push --follow-tags",
-    "pretest": "standard",
     "release": "standard-version -s",
-    "test": "tap -J --100 --coverage test/*.js",
-    "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'",
-    "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'"
+    "test": "tap"
   },
-  "repository": "https://github.com/zkat/npm-pick-manifest",
+  "repository": "https://github.com/npm/npm-pick-manifest",
   "keywords": [
@@ -33,21 +32,13 @@ "npm",
     "figgy-pudding": "^3.5.1",
-    "npm-package-arg": "^6.0.0",
-    "semver": "^5.4.1"
+    "npm-package-arg": "^8.0.0",
+    "semver": "^7.0.0"
   },
   "devDependencies": {
-    "nyc": "^13.1.0",
-    "standard": "^10.0.3",
-    "standard-version": "^4.4.0",
-    "tap": "^12.0.1",
-    "weallbehave": "^1.2.0",
-    "weallcontribute": "^1.0.8"
+    "standard": "^14.3.1",
+    "standard-version": "^7.0.1",
+    "tap": "^14.10.2"
   },
-  "config": {
-    "nyc": {
-      "exclude": [
-        "node_modules/**",
-        "test/**"
-      ]
-    }
+  "tap": {
+    "check-coverage": true
   }
 }

README.md

@@ -1,4 +0,4 @@
-# npm-pick-manifest [![npm version](https://img.shields.io/npm/v/npm-pick-manifest.svg)](https://npm.im/npm-pick-manifest) [![license](https://img.shields.io/npm/l/npm-pick-manifest.svg)](https://npm.im/npm-pick-manifest) [![Travis](https://img.shields.io/travis/zkat/npm-pick-manifest.svg)](https://travis-ci.org/zkat/npm-pick-manifest) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/npm-pick-manifest?svg=true)](https://ci.appveyor.com/project/zkat/npm-pick-manifest) [![Coverage Status](https://coveralls.io/repos/github/zkat/npm-pick-manifest/badge.svg?branch=latest)](https://coveralls.io/github/zkat/npm-pick-manifest?branch=latest)
+# npm-pick-manifest [![npm version](https://img.shields.io/npm/v/npm-pick-manifest.svg)](https://npm.im/npm-pick-manifest) [![license](https://img.shields.io/npm/l/npm-pick-manifest.svg)](https://npm.im/npm-pick-manifest) [![Travis](https://img.shields.io/travis/npm/npm-pick-manifest.svg)](https://travis-ci.org/npm/npm-pick-manifest) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/npm/npm-pick-manifest?svg=true)](https://ci.appveyor.com/project/npm/npm-pick-manifest) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-pick-manifest/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-pick-manifest?branch=latest)
 
-[`npm-pick-manifest`](https://github.com/zkat/npm-pick-manifest) is a standalone
+[`npm-pick-manifest`](https://github.com/npm/npm-pick-manifest) is a standalone
 implementation of [npm](https://npmjs.com)'s semver range resolution algorithm.
@@ -5,0 +5,0 @@

New alerts

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Fixed alerts

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

13993

increased by15.14%

Dev dependency count

3

decreased by-50%

Lines of code

119

increased by11.21%

Dependency changes

• + Addedhosted-git-info@4.1.0(transitive)

• + Addedlru-cache@6.0.0(transitive)

• + Addednpm-package-arg@8.1.5(transitive)

• + Addedsemver@7.6.2(transitive)

• + Addedyallist@4.0.0(transitive)

• - Removedhosted-git-info@2.8.9(transitive)

• - Removednpm-package-arg@6.1.1(transitive)

• - Removedos-homedir@1.0.2(transitive)

• - Removedos-tmpdir@1.0.2(transitive)

• - Removedosenv@0.1.5(transitive)

• - Removedsemver@5.7.2(transitive)

• Updatednpm-package-arg@^8.0.0

• Updatedsemver@^7.0.0