Socket
Socket
Sign inDemoInstall

npm-registry-client

Package Overview
Dependencies
12
Maintainers
4
Versions
156
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 8.5.1 to 8.6.0

lib/access.js~
lib/authify.js~
lib/fetch.js~
lib/request.js~

10

CHANGELOG.md

@@ -5,2 +5,12 @@ # Change Log

<a name="8.6.0"></a>
# [8.6.0](https://github.com/npm/npm-registry-client/compare/v8.5.1...v8.6.0) (2018-07-13)
### Features
* **access:** Add support for npm access to set per-package 2fa requirements ([8b472d2](https://github.com/npm/npm-registry-client/commit/8b472d2))
<a name="8.5.1"></a>

@@ -7,0 +17,0 @@ ## [8.5.1](https://github.com/npm/npm-registry-client/compare/v8.5.0...v8.5.1) (2018-03-08)

14

lib/access.js

@@ -19,2 +19,8 @@ module.exports = access

}
subcommands['2fa-required'] = function (uri, params, cb) {
return setRequires2fa.call(this, true, uri, params, cb)
}
subcommands['2fa-not-required'] = function (uri, params, cb) {
return setRequires2fa.call(this, false, uri, params, cb)
}

@@ -29,2 +35,10 @@ function setAccess (access, uri, params, cb) {

function setRequires2fa (requires2fa, uri, params, cb) {
return this.request(apiUri(uri, 'package', params.package, 'access'), {
method: 'POST',
auth: params.auth,
body: JSON.stringify({ publish_requires_tfa: requires2fa })
}, cb)
}
subcommands.grant = function (uri, params, cb) {

@@ -31,0 +45,0 @@ var reqUri = apiUri(uri, 'team', params.scope, params.team, 'package')

35

lib/request.js

@@ -292,9 +292,22 @@ module.exports = regRequest

if (!parsed.error) {
er = makeError(
'Registry returned ' + response.statusCode +
' for ' + method +
' on ' + where,
name,
response.statusCode
)
if (response.statusCode === 401 && response.headers['www-authenticate']) {
const auth = response.headers['www-authenticate'].split(/,\s*/).map(s => s.toLowerCase())
if (auth.indexOf('ipaddress') !== -1) {
er = makeError('Login is not allowed from your IP address', name, response.statusCode, 'EAUTHIP')
} else if (auth.indexOf('otp') !== -1) {
er = makeError('OTP required for this operation', name, response.statusCode, 'EOTP')
} else {
er = makeError('Unable to authenticate, need: ' + response.headers['www-authenticate'], name, response.statusCode, 'EAUTHUNKNOWN')
}
} else {
const msg = parsed.message ? ': ' + parsed.message : ''
er = makeError(
'Registry returned ' + response.statusCode +
' for ' + method +
' on ' + where +
msg,
name,
response.statusCode
)
}
} else if (name && parsed.error === 'not_found') {

@@ -316,10 +329,10 @@ er = makeError('404 Not Found: ' + name, name, response.statusCode)

function makeError (message, name, code) {
function makeError (message, name, statusCode, code) {
var er = new Error(message)
if (name) er.pkgid = name
if (code) {
er.statusCode = code
er.code = 'E' + code
if (statusCode) {
er.statusCode = statusCode
er.code = code || 'E' + statusCode
}
return er
}

4

package.json

@@ -5,3 +5,3 @@ {

"description": "Client for the npm registry",
"version": "8.5.1",
"version": "8.6.0",
"repository": {

@@ -43,3 +43,3 @@ "url": "https://github.com/npm/npm-registry-client.git"

"standard-version": "^4.3.0",
"tap": "^11.1.2"
"tap": "^12.0.1"
},

@@ -46,0 +46,0 @@ "optionalDependencies": {

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc