npm-registry-client - npm Package Compare versions

Comparing version 3.1.5 to 3.1.6

lib/request.js

@@ -44,9 +44,13 @@ var assert = require("assert")
   var adduserChange = /^\/?-\/user\/org\.couchdb\.user:([^\/]+)\/-rev/
-    , uc = where.match(adduserChange)
+    , isUserChange = where.match(adduserChange)
     , adduserNew = /^\/?-\/user\/org\.couchdb\.user:([^\/]+)/
-    , nu = where.match(adduserNew)
+    , isNewUser = where.match(adduserNew)
     , alwaysAuth = this.conf.get("always-auth")
-    , isDel = method === "DELETE"
-    , isWrite = what || isDel
+    , isDelete = method === "DELETE"
+    , isWrite = what || isDelete
 
+  if (isUserChange && !isWrite) {
+    return cb(new Error("trying to change user document without writing(?!)"))
+  }
+
   // resolve to a full url on the registry
@@ -77,3 +81,11 @@ if (!where.match(/^https?:\/\//)) {
 
-  var authed = (alwaysAuth || isWrite) && !nu || uc || isDel
+  // most of the time we don't want to auth
+  var authed = false
+  // new users can *not* use auth, because they don't *have* auth yet
+  if (isNewUser) {
+    authed = false
+  }
+  else if (alwaysAuth || isWrite) {
+    authed = true
+  }
   if (!authed) this.log.verbose("request", "no auth needed")
@@ -80,0 +92,0 @@

package.json

@@ -5,3 +5,3 @@ {
   "description": "Client for the npm registry",
-  "version": "3.1.5",
+  "version": "3.1.6",
   "repository": {
@@ -8,0 +8,0 @@ "url": "git://github.com/isaacs/npm-registry-client"

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

254783

increased by0.12%

Lines of code

2426

increased by0.46%

No dependency changes