npm-pick-manifest
Advanced tools
Comparing version 2.2.3 to 5.0.0
108
CHANGELOG.md
@@ -1,7 +0,65 @@ | ||
# Change Log | ||
# Changelog | ||
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. | ||
## [5.0.0](https://github.com/npm/npm-pick-manifest/compare/v4.0.0...v5.0.0) (2019-12-15) | ||
### ⚠ BREAKING CHANGES | ||
* This drops support for node < 10. | ||
* normalize settings, drop old nodes, update deps ([dc2e61c](https://github.com/npm/npm-pick-manifest/commit/dc2e61cc06bd19e079128e77397df7593741da50)) | ||
<a name="4.0.0"></a> | ||
# [4.0.0](https://github.com/npm/npm-pick-manifest/compare/v3.0.2...v4.0.0) (2019-11-11) | ||
### deps | ||
* bump npm-package-arg to v7 ([42c76d8](https://github.com/npm/npm-pick-manifest/commit/42c76d8)), closes [/github.com/npm/hosted-git-info/pull/38#issuecomment-520243803](https://github.com//github.com/npm/hosted-git-info/pull/38/issues/issuecomment-520243803) | ||
### BREAKING CHANGES | ||
* this drops support for ancient node versions. | ||
<a name="3.0.2"></a> | ||
## [3.0.2](https://github.com/npm/npm-pick-manifest/compare/v3.0.1...v3.0.2) (2019-08-30) | ||
<a name="3.0.1"></a> | ||
## [3.0.1](https://github.com/npm/npm-pick-manifest/compare/v3.0.0...v3.0.1) (2019-08-28) | ||
### Bug Fixes | ||
* throw 403 for forbidden major/minor versions ([003286e](https://github.com/npm/npm-pick-manifest/commit/003286e)), closes [#2](https://github.com/npm/npm-pick-manifest/issues/2) | ||
<a name="3.0.0"></a> | ||
# [3.0.0](https://github.com/npm/npm-pick-manifest/compare/v2.2.3...v3.0.0) (2019-08-20) | ||
### Features | ||
* throw forbidden error when package is blocked by policy ([ad2a962](https://github.com/npm/npm-pick-manifest/commit/ad2a962)), closes [#1](https://github.com/npm/npm-pick-manifest/issues/1) | ||
### BREAKING CHANGES | ||
* This adds a new error code when package versions are | ||
blocked. | ||
PR-URL: https://github.com/npm/npm-pick-manifest/pull/1 | ||
Credit: @claudiahdz | ||
<a name="2.2.3"></a> | ||
## [2.2.3](https://github.com/zkat/npm-pick-manifest/compare/v2.2.2...v2.2.3) (2018-10-31) | ||
## [2.2.3](https://github.com/npm/npm-pick-manifest/compare/v2.2.2...v2.2.3) (2018-10-31) | ||
@@ -11,3 +69,3 @@ | ||
* **enjoyBy:** rework semantics for enjoyBy again ([5e89b62](https://github.com/zkat/npm-pick-manifest/commit/5e89b62)) | ||
* **enjoyBy:** rework semantics for enjoyBy again ([5e89b62](https://github.com/npm/npm-pick-manifest/commit/5e89b62)) | ||
@@ -17,3 +75,3 @@ | ||
<a name="2.2.2"></a> | ||
## [2.2.2](https://github.com/zkat/npm-pick-manifest/compare/v2.2.1...v2.2.2) (2018-10-31) | ||
## [2.2.2](https://github.com/npm/npm-pick-manifest/compare/v2.2.1...v2.2.2) (2018-10-31) | ||
@@ -23,3 +81,3 @@ | ||
* **enjoyBy:** rework semantics for enjoyBy ([5684f45](https://github.com/zkat/npm-pick-manifest/commit/5684f45)) | ||
* **enjoyBy:** rework semantics for enjoyBy ([5684f45](https://github.com/npm/npm-pick-manifest/commit/5684f45)) | ||
@@ -29,3 +87,3 @@ | ||
<a name="2.2.1"></a> | ||
## [2.2.1](https://github.com/zkat/npm-pick-manifest/compare/v2.2.0...v2.2.1) (2018-10-30) | ||
## [2.2.1](https://github.com/npm/npm-pick-manifest/compare/v2.2.0...v2.2.1) (2018-10-30) | ||
@@ -35,3 +93,3 @@ | ||
<a name="2.2.0"></a> | ||
# [2.2.0](https://github.com/zkat/npm-pick-manifest/compare/v2.1.0...v2.2.0) (2018-10-30) | ||
# [2.2.0](https://github.com/npm/npm-pick-manifest/compare/v2.1.0...v2.2.0) (2018-10-30) | ||
@@ -41,3 +99,3 @@ | ||
* **audit:** npm audit fix --force ([d5ae6c4](https://github.com/zkat/npm-pick-manifest/commit/d5ae6c4)) | ||
* **audit:** npm audit fix --force ([d5ae6c4](https://github.com/npm/npm-pick-manifest/commit/d5ae6c4)) | ||
@@ -47,3 +105,3 @@ | ||
* **enjoyBy:** add opts.enjoyBy option to filter versions by date ([0b8a790](https://github.com/zkat/npm-pick-manifest/commit/0b8a790)) | ||
* **enjoyBy:** add opts.enjoyBy option to filter versions by date ([0b8a790](https://github.com/npm/npm-pick-manifest/commit/0b8a790)) | ||
@@ -53,3 +111,3 @@ | ||
<a name="2.1.0"></a> | ||
# [2.1.0](https://github.com/zkat/npm-pick-manifest/compare/v2.0.1...v2.1.0) (2017-10-18) | ||
# [2.1.0](https://github.com/npm/npm-pick-manifest/compare/v2.0.1...v2.1.0) (2017-10-18) | ||
@@ -59,3 +117,3 @@ | ||
* **selection:** allow manually disabling deprecation skipping ([0d239d3](https://github.com/zkat/npm-pick-manifest/commit/0d239d3)) | ||
* **selection:** allow manually disabling deprecation skipping ([0d239d3](https://github.com/npm/npm-pick-manifest/commit/0d239d3)) | ||
@@ -65,3 +123,3 @@ | ||
<a name="2.0.1"></a> | ||
## [2.0.1](https://github.com/zkat/npm-pick-manifest/compare/v2.0.0...v2.0.1) (2017-10-18) | ||
## [2.0.1](https://github.com/npm/npm-pick-manifest/compare/v2.0.0...v2.0.1) (2017-10-18) | ||
@@ -71,3 +129,3 @@ | ||
<a name="2.0.0"></a> | ||
# [2.0.0](https://github.com/zkat/npm-pick-manifest/compare/v1.0.4...v2.0.0) (2017-10-03) | ||
# [2.0.0](https://github.com/npm/npm-pick-manifest/compare/v1.0.4...v2.0.0) (2017-10-03) | ||
@@ -77,3 +135,3 @@ | ||
* **license:** relicense project according to npm policy (#3) ([ed743a0](https://github.com/zkat/npm-pick-manifest/commit/ed743a0)) | ||
* **license:** relicense project according to npm policy (#3) ([ed743a0](https://github.com/npm/npm-pick-manifest/commit/ed743a0)) | ||
@@ -83,3 +141,3 @@ | ||
* **selection:** Avoid matching deprecated packages if possible ([3fc6c3a](https://github.com/zkat/npm-pick-manifest/commit/3fc6c3a)) | ||
* **selection:** Avoid matching deprecated packages if possible ([3fc6c3a](https://github.com/npm/npm-pick-manifest/commit/3fc6c3a)) | ||
@@ -95,3 +153,3 @@ | ||
<a name="1.0.4"></a> | ||
## [1.0.4](https://github.com/zkat/npm-pick-manifest/compare/v1.0.3...v1.0.4) (2017-06-29) | ||
## [1.0.4](https://github.com/npm/npm-pick-manifest/compare/v1.0.3...v1.0.4) (2017-06-29) | ||
@@ -101,4 +159,4 @@ | ||
* **npa:** bump npa version for bugfixes ([7cdaca7](https://github.com/zkat/npm-pick-manifest/commit/7cdaca7)) | ||
* **semver:** use loose semver parsing for *all* ops ([bbc0daa](https://github.com/zkat/npm-pick-manifest/commit/bbc0daa)) | ||
* **npa:** bump npa version for bugfixes ([7cdaca7](https://github.com/npm/npm-pick-manifest/commit/7cdaca7)) | ||
* **semver:** use loose semver parsing for *all* ops ([bbc0daa](https://github.com/npm/npm-pick-manifest/commit/bbc0daa)) | ||
@@ -108,3 +166,3 @@ | ||
<a name="1.0.3"></a> | ||
## [1.0.3](https://github.com/zkat/npm-pick-manifest/compare/v1.0.2...v1.0.3) (2017-05-04) | ||
## [1.0.3](https://github.com/npm/npm-pick-manifest/compare/v1.0.2...v1.0.3) (2017-05-04) | ||
@@ -114,3 +172,3 @@ | ||
* **semver:** use semver.clean() instead ([f4133b5](https://github.com/zkat/npm-pick-manifest/commit/f4133b5)) | ||
* **semver:** use semver.clean() instead ([f4133b5](https://github.com/npm/npm-pick-manifest/commit/f4133b5)) | ||
@@ -120,3 +178,3 @@ | ||
<a name="1.0.2"></a> | ||
## [1.0.2](https://github.com/zkat/npm-pick-manifest/compare/v1.0.1...v1.0.2) (2017-05-04) | ||
## [1.0.2](https://github.com/npm/npm-pick-manifest/compare/v1.0.1...v1.0.2) (2017-05-04) | ||
@@ -126,3 +184,3 @@ | ||
* **picker:** spaces in `wanted` prevented match ([97a7d0a](https://github.com/zkat/npm-pick-manifest/commit/97a7d0a)) | ||
* **picker:** spaces in `wanted` prevented match ([97a7d0a](https://github.com/npm/npm-pick-manifest/commit/97a7d0a)) | ||
@@ -132,3 +190,3 @@ | ||
<a name="1.0.1"></a> | ||
## [1.0.1](https://github.com/zkat/npm-pick-manifest/compare/v1.0.0...v1.0.1) (2017-04-24) | ||
## [1.0.1](https://github.com/npm/npm-pick-manifest/compare/v1.0.0...v1.0.1) (2017-04-24) | ||
@@ -138,3 +196,3 @@ | ||
* **deps:** forgot to add semver ([1876f4f](https://github.com/zkat/npm-pick-manifest/commit/1876f4f)) | ||
* **deps:** forgot to add semver ([1876f4f](https://github.com/npm/npm-pick-manifest/commit/1876f4f)) | ||
@@ -149,3 +207,3 @@ | ||
* **api:** initial implementation. ([b086912](https://github.com/zkat/npm-pick-manifest/commit/b086912)) | ||
* **api:** initial implementation. ([b086912](https://github.com/npm/npm-pick-manifest/commit/b086912)) | ||
@@ -152,0 +210,0 @@ |
37
index.js
@@ -26,2 +26,5 @@ 'use strict' | ||
}) | ||
const policyRestrictions = packument.policyRestrictions | ||
const restrictedVersions = policyRestrictions | ||
? Object.keys(policyRestrictions.versions) : [] | ||
@@ -36,3 +39,3 @@ function enjoyableBy (v) { | ||
if (!versions.length) { | ||
if (!versions.length && !restrictedVersions.length) { | ||
err = new Error(`No valid versions available for ${packument.name}`) | ||
@@ -98,2 +101,6 @@ err.code = 'ENOVERSIONS' | ||
if (!target && restrictedVersions) { | ||
target = semver.maxSatisfying(restrictedVersions, wanted, true) | ||
} | ||
const manifest = ( | ||
@@ -104,12 +111,20 @@ target && | ||
if (!manifest) { | ||
err = new Error( | ||
`No matching version found for ${packument.name}@${wanted}${ | ||
opts.enjoyBy | ||
? ` with an Enjoy By date of ${ | ||
new Date(opts.enjoyBy).toLocaleString() | ||
}. Maybe try a different date?` | ||
: '' | ||
}` | ||
) | ||
err.code = 'ETARGET' | ||
// Check if target is forbidden | ||
const isForbidden = target && policyRestrictions && policyRestrictions.versions[target] | ||
const pckg = `${packument.name}@${wanted}${ | ||
opts.enjoyBy | ||
? ` with an Enjoy By date of ${ | ||
new Date(opts.enjoyBy).toLocaleString() | ||
}. Maybe try a different date?` | ||
: '' | ||
}` | ||
if (isForbidden) { | ||
err = new Error(`Could not download ${pckg} due to policy violations.\n${policyRestrictions.message}\n`) | ||
err.code = 'E403' | ||
} else { | ||
err = new Error(`No matching version found for ${pckg}.`) | ||
err.code = 'ETARGET' | ||
} | ||
err.name = packument.name | ||
@@ -116,0 +131,0 @@ err.type = type |
{ | ||
"name": "npm-pick-manifest", | ||
"version": "2.2.3", | ||
"version": "5.0.0", | ||
"description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", | ||
@@ -10,11 +10,10 @@ "main": "index.js", | ||
"scripts": { | ||
"postrelease": "npm publish", | ||
"posttest": "standard", | ||
"prepublishOnly": "git push --follow-tags", | ||
"prerelease": "npm t", | ||
"postrelease": "npm publish && git push --follow-tags", | ||
"pretest": "standard", | ||
"release": "standard-version -s", | ||
"test": "tap -J --100 --coverage test/*.js", | ||
"update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", | ||
"update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" | ||
"test": "tap" | ||
}, | ||
"repository": "https://github.com/zkat/npm-pick-manifest", | ||
"repository": "https://github.com/npm/npm-pick-manifest", | ||
"keywords": [ | ||
@@ -33,21 +32,13 @@ "npm", | ||
"figgy-pudding": "^3.5.1", | ||
"npm-package-arg": "^6.0.0", | ||
"semver": "^5.4.1" | ||
"npm-package-arg": "^8.0.0", | ||
"semver": "^7.0.0" | ||
}, | ||
"devDependencies": { | ||
"nyc": "^13.1.0", | ||
"standard": "^10.0.3", | ||
"standard-version": "^4.4.0", | ||
"tap": "^12.0.1", | ||
"weallbehave": "^1.2.0", | ||
"weallcontribute": "^1.0.8" | ||
"standard": "^14.3.1", | ||
"standard-version": "^7.0.1", | ||
"tap": "^14.10.2" | ||
}, | ||
"config": { | ||
"nyc": { | ||
"exclude": [ | ||
"node_modules/**", | ||
"test/**" | ||
] | ||
} | ||
"tap": { | ||
"check-coverage": true | ||
} | ||
} |
@@ -1,4 +0,4 @@ | ||
# npm-pick-manifest [![npm version](https://img.shields.io/npm/v/npm-pick-manifest.svg)](https://npm.im/npm-pick-manifest) [![license](https://img.shields.io/npm/l/npm-pick-manifest.svg)](https://npm.im/npm-pick-manifest) [![Travis](https://img.shields.io/travis/zkat/npm-pick-manifest.svg)](https://travis-ci.org/zkat/npm-pick-manifest) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/npm-pick-manifest?svg=true)](https://ci.appveyor.com/project/zkat/npm-pick-manifest) [![Coverage Status](https://coveralls.io/repos/github/zkat/npm-pick-manifest/badge.svg?branch=latest)](https://coveralls.io/github/zkat/npm-pick-manifest?branch=latest) | ||
# npm-pick-manifest [![npm version](https://img.shields.io/npm/v/npm-pick-manifest.svg)](https://npm.im/npm-pick-manifest) [![license](https://img.shields.io/npm/l/npm-pick-manifest.svg)](https://npm.im/npm-pick-manifest) [![Travis](https://img.shields.io/travis/npm/npm-pick-manifest.svg)](https://travis-ci.org/npm/npm-pick-manifest) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/npm/npm-pick-manifest?svg=true)](https://ci.appveyor.com/project/npm/npm-pick-manifest) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-pick-manifest/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-pick-manifest?branch=latest) | ||
[`npm-pick-manifest`](https://github.com/zkat/npm-pick-manifest) is a standalone | ||
[`npm-pick-manifest`](https://github.com/npm/npm-pick-manifest) is a standalone | ||
implementation of [npm](https://npmjs.com)'s semver range resolution algorithm. | ||
@@ -5,0 +5,0 @@ |
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
13993
3
119
+ Addedhosted-git-info@4.1.0(transitive)
+ Addedlru-cache@6.0.0(transitive)
+ Addednpm-package-arg@8.1.5(transitive)
+ Addedsemver@7.6.2(transitive)
+ Addedyallist@4.0.0(transitive)
- Removedhosted-git-info@2.8.9(transitive)
- Removednpm-package-arg@6.1.1(transitive)
- Removedos-homedir@1.0.2(transitive)
- Removedos-tmpdir@1.0.2(transitive)
- Removedosenv@0.1.5(transitive)
- Removedsemver@5.7.2(transitive)
Updatednpm-package-arg@^8.0.0
Updatedsemver@^7.0.0