npm
Advanced tools
Comparing version 10.5.1 to 10.5.2
@@ -93,3 +93,3 @@ --- | ||
| - `expires`: null or a simplified extended [ISO 8601 format](https://en.wikipedia.org/wiki/ISO_8601"): `YYYY-MM-DDTHH:mm:ss.sssZ` | ||
| - `expires`: null or a simplified extended [ISO 8601 format](https://en.wikipedia.org/wiki/ISO_8601): `YYYY-MM-DDTHH:mm:ss.sssZ` | ||
| - `keydid`: sha256 fingerprint of the public key | ||
@@ -96,0 +96,0 @@ - `keytype`: only `ecdsa-sha2-nistp256` is currently supported by the npm CLI |
@@ -30,3 +30,3 @@ --- | ||
| ```bash | ||
| npm@10.5.1 /path/to/npm | ||
| npm@10.5.2 /path/to/npm | ||
| └─┬ init-package-json@0.0.4 | ||
@@ -33,0 +33,0 @@ └── promzard@0.1.5 |
@@ -17,3 +17,3 @@ --- | ||
| 10.5.1 | ||
| 10.5.2 | ||
@@ -20,0 +20,0 @@ ### Description |
@@ -6,3 +6,2 @@ // Base class for npm commands | ||
| const { definitions } = require('@npmcli/config/lib/definitions') | ||
| const getWorkspaces = require('./workspaces/get-workspaces.js') | ||
| const { aliases: cmdAliases } = require('./utils/cmd-list') | ||
@@ -174,2 +173,3 @@ const log = require('./utils/log-shim.js') | ||
| const filters = this.npm.config.get('workspace') | ||
| const getWorkspaces = require('./workspaces/get-workspaces.js') | ||
| const ws = await getWorkspaces(filters, { | ||
@@ -176,0 +176,0 @@ path: this.npm.localPrefix, |
@@ -8,2 +8,3 @@ const npa = require('npm-package-arg') | ||
| const BaseCommand = require('../base-command.js') | ||
| const { redact } = require('@npmcli/redact') | ||
@@ -123,3 +124,3 @@ const readJson = async (path) => { | ||
| } catch (err) { | ||
| log.error('owner ls', "Couldn't get owner data", npmFetch.cleanUrl(pkg)) | ||
| log.error('owner ls', "Couldn't get owner data", redact(pkg)) | ||
| throw err | ||
@@ -126,0 +127,0 @@ } |
@@ -1,2 +0,2 @@ | ||
| const { cleanUrl } = require('npm-registry-fetch') | ||
| const { redact } = require('@npmcli/redact') | ||
| const log = require('../utils/log-shim') | ||
@@ -12,3 +12,3 @@ const pingUtil = require('../utils/ping.js') | ||
| async exec (args) { | ||
| const cleanRegistry = cleanUrl(this.npm.config.get('registry')) | ||
| const cleanRegistry = redact(this.npm.config.get('registry')) | ||
| log.notice('PING', cleanRegistry) | ||
@@ -15,0 +15,0 @@ const start = Date.now() |
@@ -223,3 +223,8 @@ const log = require('../utils/log-shim.js') | ||
| if (manifest.publishConfig) { | ||
| flatten(manifest.publishConfig, opts) | ||
| const cliFlags = this.npm.config.data.get('cli').raw | ||
| // Filter out properties set in CLI flags to prioritize them over | ||
| // corresponding `publishConfig` settings | ||
| const filteredPublishConfig = Object.fromEntries( | ||
| Object.entries(manifest.publishConfig).filter(([key]) => !(key in cliFlags))) | ||
| flatten(filteredPublishConfig, opts) | ||
| } | ||
@@ -226,0 +231,0 @@ return manifest |
@@ -144,3 +144,8 @@ const libaccess = require('libnpmaccess') | ||
| if (manifest?.name === spec.name && manifest.publishConfig) { | ||
| flatten(manifest.publishConfig, opts) | ||
| const cliFlags = this.npm.config.data.get('cli').raw | ||
| // Filter out properties set in CLI flags to prioritize them over | ||
| // corresponding `publishConfig` settings | ||
| const filteredPublishConfig = Object.fromEntries( | ||
| Object.entries(manifest.publishConfig).filter(([key]) => !(key in cliFlags))) | ||
| flatten(filteredPublishConfig, opts) | ||
| } | ||
@@ -147,0 +152,0 @@ |
| const { format } = require('util') | ||
| const { resolve } = require('path') | ||
| const nameValidator = require('validate-npm-package-name') | ||
| const { redactLog: replaceInfo } = require('@npmcli/redact') | ||
@@ -218,2 +217,3 @@ const { report } = require('./explain-eresolve.js') | ||
| const nameValidator = require('validate-npm-package-name') | ||
| const valResult = nameValidator(pkg) | ||
@@ -220,0 +220,0 @@ |
| const os = require('os') | ||
| const { join, dirname, basename } = require('path') | ||
| const { format } = require('util') | ||
| const { glob } = require('glob') | ||
| const { Minipass } = require('minipass') | ||
@@ -12,3 +11,2 @@ const fsMiniPass = require('fs-minipass') | ||
| const padZero = (n, length) => n.toString().padStart(length.toString().length, '0') | ||
| const globify = pattern => pattern.split('\\').join('/') | ||
@@ -203,14 +201,38 @@ class LogFiles { | ||
| const logPath = this.#getLogFilePath() | ||
| const logGlob = join(dirname(logPath), basename(logPath) | ||
| const patternFileName = basename(logPath) | ||
| // tell glob to only match digits | ||
| .replace(/\d/g, '[0123456789]') | ||
| .replace(/\d/g, 'd') | ||
| // Handle the old (prior to 8.2.0) log file names which did not have a | ||
| // counter suffix | ||
| .replace(/-\.log$/, '*.log') | ||
| ) | ||
| .replace('-.log', '') | ||
| // Always ignore the currently written files | ||
| const files = await glob(globify(logGlob), { ignore: this.#files.map(globify), silent: true }) | ||
| const toDelete = files.length - this.#logsMax | ||
| let files = await fs.readdir( | ||
| dirname(logPath), { | ||
| withFileTypes: true, | ||
| encoding: 'utf-8', | ||
| }) | ||
| files = files.sort((a, b) => basename(a.name).localeCompare(basename(b.name), 'en')) | ||
| const logFiles = [] | ||
| for (const file of files) { | ||
| if (!file.isFile()) { | ||
| continue | ||
| } | ||
| const genericFileName = file.name.replace(/\d/g, 'd') | ||
| const filePath = join(dirname(logPath), basename(file.name)) | ||
| // Always ignore the currently written files | ||
| if ( | ||
| genericFileName.includes(patternFileName) | ||
| && genericFileName.endsWith('.log') | ||
| && !this.#files.includes(filePath) | ||
| ) { | ||
| logFiles.push(filePath) | ||
| } | ||
| } | ||
| const toDelete = logFiles.length - this.#logsMax | ||
| if (toDelete <= 0) { | ||
@@ -222,3 +244,3 @@ return | ||
| for (const file of files.slice(0, toDelete)) { | ||
| for (const file of logFiles.slice(0, toDelete)) { | ||
| try { | ||
@@ -225,0 +247,0 @@ await fs.rm(file, { force: true }) |
@@ -6,3 +6,5 @@ // print a banner telling the user to upgrade npm to latest | ||
| const ciInfo = require('ci-info') | ||
| const semver = require('semver') | ||
| const gt = require('semver/functions/gt') | ||
| const gte = require('semver/functions/gte') | ||
| const parse = require('semver/functions/parse') | ||
| const { stat, writeFile } = require('fs/promises') | ||
@@ -42,3 +44,3 @@ const { resolve } = require('path') | ||
| // the packument will be cached by pacote from previous request. | ||
| if (semver.gt(version, latest) && spec === 'latest') { | ||
| if (gt(version, latest) && spec === 'latest') { | ||
| return updateNotifier(npm, `^${version}`) | ||
@@ -48,3 +50,3 @@ } | ||
| // if we already have something >= the desired spec, then we're done | ||
| if (semver.gte(version, latest)) { | ||
| if (gte(version, latest)) { | ||
| return null | ||
@@ -59,3 +61,3 @@ } | ||
| // lost in any other messages being printed as part of the command. | ||
| const update = semver.parse(mani.version) | ||
| const update = parse(mani.version) | ||
| const type = update.major !== current.major ? 'major' | ||
@@ -86,3 +88,3 @@ : update.minor !== current.minor ? 'minor' | ||
| const { version } = npm | ||
| const current = semver.parse(version) | ||
| const current = parse(version) | ||
@@ -89,0 +91,0 @@ // if we're on a beta train, always get the next beta |
@@ -68,3 +68,6 @@ 'use strict' | ||
| const proxyAgent = new ProxyAgent(proxy, this.#options) | ||
| const proxyAgent = new ProxyAgent(proxy, { | ||
| ...this.#options, | ||
| socketOptions: { family: this.#options.family }, | ||
| }) | ||
| proxyCache.set(cacheKey, proxyAgent) | ||
@@ -71,0 +74,0 @@ |
| { | ||
| "name": "@npmcli/agent", | ||
| "version": "2.2.1", | ||
| "version": "2.2.2", | ||
| "description": "the http/https agent used by the npm cli", | ||
@@ -39,3 +39,3 @@ "main": "lib/index.js", | ||
| "lru-cache": "^10.0.1", | ||
| "socks-proxy-agent": "^8.0.1" | ||
| "socks-proxy-agent": "^8.0.3" | ||
| }, | ||
@@ -42,0 +42,0 @@ "devDependencies": { |
@@ -15,3 +15,3 @@ // mixin implementing the buildIdealTree method | ||
| const log = require('proc-log') | ||
| const { cleanUrl } = require('npm-registry-fetch') | ||
| const { redact } = require('@npmcli/redact') | ||
@@ -1217,3 +1217,3 @@ const { | ||
| } else { | ||
| const cleanRawSpec = cleanUrl(spec.rawSpec) | ||
| const cleanRawSpec = redact(spec.rawSpec) | ||
| log.silly('fetch manifest', spec.raw.replace(spec.rawSpec, cleanRawSpec)) | ||
@@ -1220,0 +1220,0 @@ const o = { |
@@ -12,3 +12,3 @@ // Given a dep, a node that depends on it, and the edge representing that | ||
| const log = require('proc-log') | ||
| const { cleanUrl } = require('npm-registry-fetch') | ||
| const { redact } = require('@npmcli/redact') | ||
| const deepestNestingTarget = require('./deepest-nesting-target.js') | ||
@@ -192,3 +192,3 @@ const CanPlaceDep = require('./can-place-dep.js') | ||
| `for: ${this.edge.from.package._id || this.edge.from.location}`, | ||
| `want: ${cleanUrl(this.edge.spec || '*')}` | ||
| `want: ${redact(this.edge.spec || '*')}` | ||
| ) | ||
@@ -195,0 +195,0 @@ |
| { | ||
| "name": "@npmcli/arborist", | ||
| "version": "7.4.1", | ||
| "version": "7.4.2", | ||
| "description": "Manage node_modules trees", | ||
@@ -15,2 +15,3 @@ "dependencies": { | ||
| "@npmcli/query": "^3.1.0", | ||
| "@npmcli/redact": "^1.1.0", | ||
| "@npmcli/run-script": "^7.0.2", | ||
@@ -17,0 +18,0 @@ "bin-links": "^4.0.1", |
@@ -5,8 +5,6 @@ // TODO: set the scope config from package.json or explicit cli config | ||
| const nopt = require('nopt') | ||
| const mapWorkspaces = require('@npmcli/map-workspaces') | ||
| const rpj = require('read-package-json-fast') | ||
| const log = require('proc-log') | ||
| const { resolve, dirname, join } = require('path') | ||
| const { homedir } = require('os') | ||
| const { resolve, dirname, join } = require('node:path') | ||
| const { homedir } = require('node:os') | ||
| const { | ||
@@ -32,20 +30,2 @@ readFile, | ||
| // define a custom getter, but turn into a normal prop | ||
| // if we set it. otherwise it can't be set on child objects | ||
| const settableGetter = (obj, key, get) => { | ||
| Object.defineProperty(obj, key, { | ||
| get, | ||
| set (value) { | ||
| Object.defineProperty(obj, key, { | ||
| value, | ||
| configurable: true, | ||
| writable: true, | ||
| enumerable: true, | ||
| }) | ||
| }, | ||
| configurable: true, | ||
| enumerable: true, | ||
| }) | ||
| } | ||
| const typeDefs = require('./type-defs.js') | ||
@@ -55,9 +35,4 @@ const nerfDart = require('./nerf-dart.js') | ||
| const parseField = require('./parse-field.js') | ||
| const typeDescription = require('./type-description.js') | ||
| const setEnvs = require('./set-envs.js') | ||
| const { | ||
| ErrInvalidAuth, | ||
| } = require('./errors.js') | ||
| // types that can be saved back to | ||
@@ -335,3 +310,17 @@ const confFileTypes = new Set([ | ||
| // returns `/foo/etc/npmrc`, but better to not change it at this point. | ||
| settableGetter(data, 'globalconfig', () => resolve(this.#get('prefix'), 'etc/npmrc')) | ||
| // define a custom getter, but turn into a normal prop | ||
| // if we set it. otherwise it can't be set on child objects | ||
| Object.defineProperty(data, 'globalconfig', { | ||
| get: () => resolve(this.#get('prefix'), 'etc/npmrc'), | ||
| set (value) { | ||
| Object.defineProperty(data, 'globalconfig', { | ||
| value, | ||
| configurable: true, | ||
| writable: true, | ||
| enumerable: true, | ||
| }) | ||
| }, | ||
| configurable: true, | ||
| enumerable: true, | ||
| }) | ||
| } | ||
@@ -451,2 +440,3 @@ | ||
| if (authProblems.length) { | ||
| const { ErrInvalidAuth } = require('./errors.js') | ||
| throw new ErrInvalidAuth(authProblems) | ||
@@ -520,2 +510,3 @@ } | ||
| invalidHandler (k, val, type, source, where) { | ||
| const typeDescription = require('./type-description.js') | ||
| log.warn( | ||
@@ -705,2 +696,3 @@ 'invalid config', | ||
| if (this.localPrefix && hasPackageJson) { | ||
| const rpj = require('read-package-json-fast') | ||
| // if we already set localPrefix but this dir has a package.json | ||
@@ -714,2 +706,3 @@ // then we need to see if `p` is a workspace root by reading its package.json | ||
| const mapWorkspaces = require('@npmcli/map-workspaces') | ||
| const workspaces = await mapWorkspaces({ cwd: p, pkg }) | ||
@@ -716,0 +709,0 @@ for (const w of workspaces.values()) { |
@@ -1,2 +0,2 @@ | ||
| const { URL } = require('url') | ||
| const { URL } = require('node:url') | ||
@@ -3,0 +3,0 @@ /** |
| // Parse a field, coercing it to the best type available. | ||
| const typeDefs = require('./type-defs.js') | ||
| const envReplace = require('./env-replace.js') | ||
| const { resolve } = require('path') | ||
| const { resolve } = require('node:path') | ||
@@ -6,0 +6,0 @@ const { parse: umaskParse } = require('./umask.js') |
| const nopt = require('nopt') | ||
| const { Umask, validate: validateUmask } = require('./umask.js') | ||
| const { validate: validateUmask } = require('./umask.js') | ||
| const semver = require('semver') | ||
| class Umask {} | ||
| class Semver {} | ||
| const semverValid = require('semver/functions/valid') | ||
| const validateSemver = (data, k, val) => { | ||
| const valid = semver.valid(val) | ||
| const valid = semverValid(val) | ||
| if (!valid) { | ||
@@ -26,3 +28,3 @@ return false | ||
| semver: { | ||
| type: semver, | ||
| type: Semver, | ||
| validate: validateSemver, | ||
@@ -29,0 +31,0 @@ description: 'full valid SemVer string', |
@@ -1,2 +0,1 @@ | ||
| class Umask {} | ||
| const parse = val => { | ||
@@ -36,2 +35,2 @@ // this is run via nopt and parse field where everything is | ||
| module.exports = { Umask, parse, validate } | ||
| module.exports = { parse, validate } |
| { | ||
| "name": "@npmcli/config", | ||
| "version": "8.2.1", | ||
| "version": "8.2.2", | ||
| "files": [ | ||
@@ -5,0 +5,0 @@ "bin/", |
| // not an airtight indicator, but a good gut-check to even bother trying | ||
| const { promisify } = require('util') | ||
| const fs = require('fs') | ||
| const stat = promisify(fs.stat) | ||
| const { stat } = require('fs/promises') | ||
| module.exports = ({ cwd = process.cwd() } = {}) => | ||
| stat(cwd + '/.git').then(() => true, () => false) |
| { | ||
| "name": "@npmcli/git", | ||
| "version": "5.0.4", | ||
| "version": "5.0.5", | ||
| "main": "lib/index.js", | ||
@@ -5,0 +5,0 @@ "files": [ |
@@ -8,5 +8,6 @@ const path = require('path') | ||
| function appendNegatedPatterns (patterns) { | ||
| const results = [] | ||
| for (let pattern of patterns) { | ||
| function appendNegatedPatterns (allPatterns) { | ||
| const patterns = [] | ||
| const negatedPatterns = [] | ||
| for (let pattern of allPatterns) { | ||
| const excl = pattern.match(/^!+/) | ||
@@ -17,11 +18,36 @@ if (excl) { | ||
| // strip off any / from the start of the pattern. /foo => foo | ||
| pattern = pattern.replace(/^\/+/, '') | ||
| // strip off any / or ./ from the start of the pattern. /foo => foo | ||
| pattern = pattern.replace(/^\.?\/+/, '') | ||
| // an odd number of ! means a negated pattern. !!foo ==> foo | ||
| const negate = excl && excl[0].length % 2 === 1 | ||
| results.push({ pattern, negate }) | ||
| if (negate) { | ||
| negatedPatterns.push(pattern) | ||
| } else { | ||
| // remove negated patterns that appeared before this pattern to avoid | ||
| // ignoring paths that were matched afterwards | ||
| // e.g: ['packages/**', '!packages/b/**', 'packages/b/a'] | ||
| // in the above list, the last pattern overrides the negated pattern | ||
| // right before it. In effect, the above list would become: | ||
| // ['packages/**', 'packages/b/a'] | ||
| // The order matters here which is why we must do it inside the loop | ||
| // as opposed to doing it all together at the end. | ||
| for (let i = 0; i < negatedPatterns.length; ++i) { | ||
| const negatedPattern = negatedPatterns[i] | ||
| if (minimatch(pattern, negatedPattern)) { | ||
| negatedPatterns.splice(i, 1) | ||
| } | ||
| } | ||
| patterns.push(pattern) | ||
| } | ||
| } | ||
| return results | ||
| // use the negated patterns to eagerly remove all the patterns that | ||
| // can be removed to avoid unnecessary crawling | ||
| for (const negated of negatedPatterns) { | ||
| for (const pattern of minimatch.match(patterns, negated)) { | ||
| patterns.splice(patterns.indexOf(pattern), 1) | ||
| } | ||
| } | ||
| return { patterns, negatedPatterns } | ||
| } | ||
@@ -82,7 +108,7 @@ | ||
| const { workspaces = [] } = opts.pkg | ||
| const patterns = getPatterns(workspaces) | ||
| const { patterns, negatedPatterns } = getPatterns(workspaces) | ||
| const results = new Map() | ||
| const seen = new Map() | ||
| if (!patterns.length) { | ||
| if (!patterns.length && !negatedPatterns.length) { | ||
| return results | ||
@@ -95,3 +121,5 @@ } | ||
| ...opts.ignore || [], | ||
| ...['**/node_modules/**'], | ||
| '**/node_modules/**', | ||
| // just ignore the negated patterns to avoid unnecessary crawling | ||
| ...negatedPatterns, | ||
| ], | ||
@@ -102,35 +130,38 @@ }) | ||
| for (const item of patterns) { | ||
| let matches = await glob(getGlobPattern(item.pattern), getGlobOpts()) | ||
| // preserves glob@8 behavior | ||
| matches = matches.sort((a, b) => a.localeCompare(b, 'en')) | ||
| let matches = await glob(patterns.map((p) => getGlobPattern(p)), getGlobOpts()) | ||
| // preserves glob@8 behavior | ||
| matches = matches.sort((a, b) => a.localeCompare(b, 'en')) | ||
| for (const match of matches) { | ||
| let pkg | ||
| const packageJsonPathname = getPackagePathname(match, 'package.json') | ||
| const packagePathname = path.dirname(packageJsonPathname) | ||
| // we must preserve the order of results according to the given list of | ||
| // workspace patterns | ||
| const orderedMatches = [] | ||
| for (const pattern of patterns) { | ||
| orderedMatches.push(...matches.filter((m) => { | ||
| return minimatch(m, pattern, { partial: true, windowsPathsNoEscape: true }) | ||
| })) | ||
| } | ||
| try { | ||
| pkg = await rpj(packageJsonPathname) | ||
| } catch (err) { | ||
| if (err.code === 'ENOENT') { | ||
| continue | ||
| } else { | ||
| throw err | ||
| } | ||
| } | ||
| for (const match of orderedMatches) { | ||
| let pkg | ||
| const packageJsonPathname = getPackagePathname(match, 'package.json') | ||
| const name = getPackageName(pkg, packagePathname) | ||
| let seenPackagePathnames = seen.get(name) | ||
| if (!seenPackagePathnames) { | ||
| seenPackagePathnames = new Set() | ||
| seen.set(name, seenPackagePathnames) | ||
| } | ||
| if (item.negate) { | ||
| seenPackagePathnames.delete(packagePathname) | ||
| try { | ||
| pkg = await rpj(packageJsonPathname) | ||
| } catch (err) { | ||
| if (err.code === 'ENOENT') { | ||
| continue | ||
| } else { | ||
| seenPackagePathnames.add(packagePathname) | ||
| throw err | ||
| } | ||
| } | ||
| const packagePathname = path.dirname(packageJsonPathname) | ||
| const name = getPackageName(pkg, packagePathname) | ||
| let seenPackagePathnames = seen.get(name) | ||
| if (!seenPackagePathnames) { | ||
| seenPackagePathnames = new Set() | ||
| seen.set(name, seenPackagePathnames) | ||
| } | ||
| seenPackagePathnames.add(packagePathname) | ||
| } | ||
@@ -140,5 +171,2 @@ | ||
| for (const [packageName, seenPackagePathnames] of seen) { | ||
| if (seenPackagePathnames.size === 0) { | ||
| continue | ||
| } | ||
| if (seenPackagePathnames.size > 1) { | ||
@@ -186,26 +214,21 @@ addDuplicateErrorMessages(errorMessageArray, packageName, seenPackagePathnames) | ||
| const results = new Map() | ||
| const patterns = getPatterns(workspaces) | ||
| if (!patterns.length) { | ||
| const { patterns, negatedPatterns } = getPatterns(workspaces) | ||
| if (!patterns.length && !negatedPatterns.length) { | ||
| return results | ||
| } | ||
| patterns.push({ pattern: '**/node_modules/**', negate: true }) | ||
| negatedPatterns.push('**/node_modules/**') | ||
| const getPackagePathname = pkgPathmame(opts) | ||
| for (const packageKey of Object.keys(packages)) { | ||
| if (packageKey === '') { | ||
| continue | ||
| const packageKeys = Object.keys(packages) | ||
| for (const pattern of negatedPatterns) { | ||
| for (const packageKey of minimatch.match(packageKeys, pattern)) { | ||
| packageKeys.splice(packageKeys.indexOf(packageKey), 1) | ||
| } | ||
| } | ||
| for (const item of patterns) { | ||
| if (minimatch(packageKey, item.pattern)) { | ||
| const packagePathname = getPackagePathname(packageKey) | ||
| const name = getPackageName(packages[packageKey], packagePathname) | ||
| if (item.negate) { | ||
| results.delete(packagePathname) | ||
| } else { | ||
| results.set(packagePathname, name) | ||
| } | ||
| } | ||
| const getPackagePathname = pkgPathmame(opts) | ||
| for (const pattern of patterns) { | ||
| for (const packageKey of minimatch.match(packageKeys, pattern)) { | ||
| const packagePathname = getPackagePathname(packageKey) | ||
| const name = getPackageName(packages[packageKey], packagePathname) | ||
| results.set(packagePathname, name) | ||
| } | ||
@@ -212,0 +235,0 @@ } |
| { | ||
| "name": "@npmcli/map-workspaces", | ||
| "version": "3.0.4", | ||
| "version": "3.0.6", | ||
| "main": "lib/index.js", | ||
@@ -28,3 +28,3 @@ "files": [ | ||
| "scripts": { | ||
| "lint": "eslint \"**/*.js\"", | ||
| "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", | ||
| "pretest": "npm run lint", | ||
@@ -47,3 +47,3 @@ "test": "tap", | ||
| "@npmcli/eslint-config": "^4.0.0", | ||
| "@npmcli/template-oss": "4.14.1", | ||
| "@npmcli/template-oss": "4.21.3", | ||
| "tap": "^16.0.1" | ||
@@ -59,5 +59,5 @@ }, | ||
| "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", | ||
| "version": "4.14.1", | ||
| "version": "4.21.3", | ||
| "publish": "true" | ||
| } | ||
| } |
@@ -1,11 +0,29 @@ | ||
| const semver = require('semver') | ||
| const valid = require('semver/functions/valid') | ||
| const clean = require('semver/functions/clean') | ||
| const fs = require('fs/promises') | ||
| const { glob } = require('glob') | ||
| const legacyFixer = require('normalize-package-data/lib/fixer.js') | ||
| const legacyMakeWarning = require('normalize-package-data/lib/make_warning.js') | ||
| const path = require('path') | ||
| const log = require('proc-log') | ||
| const git = require('@npmcli/git') | ||
| const hostedGitInfo = require('hosted-git-info') | ||
| /** | ||
| * @type {import('hosted-git-info')} | ||
| */ | ||
| let _hostedGitInfo | ||
| function lazyHostedGitInfo () { | ||
| if (!_hostedGitInfo) { | ||
| _hostedGitInfo = require('hosted-git-info') | ||
| } | ||
| return _hostedGitInfo | ||
| } | ||
| /** | ||
| * @type {import('glob').glob} | ||
| */ | ||
| let _glob | ||
| function lazyLoadGlob () { | ||
| if (!_glob) { | ||
| _glob = require('glob').glob | ||
| } | ||
| return _glob | ||
| } | ||
| // used to be npm-normalize-package-bin | ||
@@ -133,6 +151,6 @@ function normalizePackageBin (pkg, changes) { | ||
| } else { | ||
| if (!semver.valid(data.version, loose)) { | ||
| if (!valid(data.version, loose)) { | ||
| throw new Error(`Invalid version: "${data.version}"`) | ||
| } | ||
| const version = semver.clean(data.version, loose) | ||
| const version = clean(data.version, loose) | ||
| if (version !== data.version) { | ||
@@ -212,3 +230,3 @@ changes?.push(`"version" was cleaned and set to "${version}"`) | ||
| if (!scripts.install && !scripts.preinstall && data.gypfile !== false) { | ||
| const files = await glob('*.gyp', { cwd: pkg.path }) | ||
| const files = await lazyLoadGlob()('*.gyp', { cwd: pkg.path }) | ||
| if (files.length) { | ||
@@ -280,3 +298,7 @@ scripts.install = 'node-gyp rebuild' | ||
| const mdre = /\.m?a?r?k?d?o?w?n?$/i | ||
| const files = await glob('{README,README.*}', { cwd: pkg.path, nocase: true, mark: true }) | ||
| const files = await lazyLoadGlob()('{README,README.*}', { | ||
| cwd: pkg.path, | ||
| nocase: true, | ||
| mark: true, | ||
| }) | ||
| let readmeFile | ||
@@ -312,3 +334,3 @@ for (const file of files) { | ||
| const cwd = path.resolve(pkg.path, manDir) | ||
| const files = await glob('**/*.[0-9]', { cwd }) | ||
| const files = await lazyLoadGlob()('**/*.[0-9]', { cwd }) | ||
| data.man = files.map(man => | ||
@@ -326,3 +348,3 @@ path.relative(pkg.path, path.join(cwd, man)).split(path.sep).join('/') | ||
| const binsDir = path.resolve(pkg.path, path.join('.', path.join('/', data.directories.bin))) | ||
| const bins = await glob('**', { cwd: binsDir }) | ||
| const bins = await lazyLoadGlob()('**', { cwd: binsDir }) | ||
| data.bin = bins.reduce((acc, binFile) => { | ||
@@ -341,2 +363,3 @@ if (binFile && !binFile.startsWith('.')) { | ||
| if (steps.includes('gitHead') && !data.gitHead) { | ||
| const git = require('@npmcli/git') | ||
| const gitRoot = await git.find({ cwd: pkg.path, root }) | ||
@@ -455,3 +478,3 @@ let head | ||
| if (data.repository.url) { | ||
| const hosted = hostedGitInfo.fromUrl(data.repository.url) | ||
| const hosted = lazyHostedGitInfo().fromUrl(data.repository.url) | ||
| let r | ||
@@ -516,3 +539,3 @@ if (hosted) { | ||
| } | ||
| const hosted = hostedGitInfo.fromUrl(data[deps][d])?.toString() | ||
| const hosted = lazyHostedGitInfo().fromUrl(data[deps][d])?.toString() | ||
| if (hosted && hosted !== data[deps][d]) { | ||
@@ -529,2 +552,4 @@ changes?.push(`Normalized git reference to "${deps}.${d}"`) | ||
| if (steps.includes('normalizeData')) { | ||
| const legacyFixer = require('normalize-package-data/lib/fixer.js') | ||
| const legacyMakeWarning = require('normalize-package-data/lib/make_warning.js') | ||
| legacyFixer.warn = function () { | ||
@@ -531,0 +556,0 @@ changes?.push(legacyMakeWarning.apply(null, arguments)) |
| { | ||
| "name": "@npmcli/package-json", | ||
| "version": "5.0.0", | ||
| "version": "5.0.2", | ||
| "description": "Programmatic API to update package.json", | ||
@@ -13,3 +13,3 @@ "main": "lib/index.js", | ||
| "test": "tap", | ||
| "lint": "eslint \"**/*.js\"", | ||
| "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", | ||
| "lintfix": "npm run lint -- --fix", | ||
@@ -29,4 +29,4 @@ "posttest": "npm run lint", | ||
| "@npmcli/eslint-config": "^4.0.0", | ||
| "@npmcli/template-oss": "4.18.0", | ||
| "read-package-json": "^6.0.4", | ||
| "@npmcli/template-oss": "4.21.3", | ||
| "read-package-json": "^7.0.0", | ||
| "read-package-json-fast": "^3.0.2", | ||
@@ -53,10 +53,4 @@ "tap": "^16.0.1" | ||
| "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", | ||
| "version": "4.18.0", | ||
| "publish": "true", | ||
| "ciVersions": [ | ||
| "16.14.0", | ||
| "16.x", | ||
| "18.0.0", | ||
| "18.x" | ||
| ] | ||
| "version": "4.21.3", | ||
| "publish": "true" | ||
| }, | ||
@@ -63,0 +57,0 @@ "tap": { |
@@ -24,3 +24,5 @@ "use strict"; | ||
| return { | ||
| mediaType: bundle_1.BUNDLE_V02_MEDIA_TYPE, | ||
| mediaType: options.singleCertificate | ||
| ? bundle_1.BUNDLE_V03_MEDIA_TYPE | ||
| : bundle_1.BUNDLE_V02_MEDIA_TYPE, | ||
| content: { | ||
@@ -43,3 +45,5 @@ $case: 'messageSignature', | ||
| return { | ||
| mediaType: bundle_1.BUNDLE_V02_MEDIA_TYPE, | ||
| mediaType: options.singleCertificate | ||
| ? bundle_1.BUNDLE_V03_MEDIA_TYPE | ||
| : bundle_1.BUNDLE_V02_MEDIA_TYPE, | ||
| content: { | ||
@@ -76,8 +80,16 @@ $case: 'dsseEnvelope', | ||
| if (options.certificate) { | ||
| return { | ||
| $case: 'x509CertificateChain', | ||
| x509CertificateChain: { | ||
| certificates: [{ rawBytes: options.certificate }], | ||
| }, | ||
| }; | ||
| if (options.singleCertificate) { | ||
| return { | ||
| $case: 'certificate', | ||
| certificate: { rawBytes: options.certificate }, | ||
| }; | ||
| } | ||
| else { | ||
| return { | ||
| $case: 'x509CertificateChain', | ||
| x509CertificateChain: { | ||
| certificates: [{ rawBytes: options.certificate }], | ||
| }, | ||
| }; | ||
| } | ||
| } | ||
@@ -84,0 +96,0 @@ else { |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.isBundleWithDsseEnvelope = exports.isBundleWithMessageSignature = exports.isBundleWithPublicKey = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = void 0; | ||
| exports.isBundleWithDsseEnvelope = exports.isBundleWithMessageSignature = exports.isBundleWithPublicKey = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = void 0; | ||
| exports.BUNDLE_V01_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.1'; | ||
| exports.BUNDLE_V02_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.2'; | ||
| exports.BUNDLE_V03_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.3'; | ||
| exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.3'; | ||
| exports.BUNDLE_V03_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle.v0.3+json'; | ||
| // Type guards for bundle variants. | ||
@@ -8,0 +9,0 @@ function isBundleWithCertificateChain(b) { |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.isBundleV01 = exports.assertBundleV02 = exports.assertBundleV01 = exports.assertBundleLatest = exports.assertBundle = exports.envelopeToJSON = exports.envelopeFromJSON = exports.bundleToJSON = exports.bundleFromJSON = exports.ValidationError = exports.isBundleWithPublicKey = exports.isBundleWithMessageSignature = exports.isBundleWithDsseEnvelope = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = exports.toMessageSignatureBundle = exports.toDSSEBundle = void 0; | ||
| exports.isBundleV01 = exports.assertBundleV02 = exports.assertBundleV01 = exports.assertBundleLatest = exports.assertBundle = exports.envelopeToJSON = exports.envelopeFromJSON = exports.bundleToJSON = exports.bundleFromJSON = exports.ValidationError = exports.isBundleWithPublicKey = exports.isBundleWithMessageSignature = exports.isBundleWithDsseEnvelope = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = exports.toMessageSignatureBundle = exports.toDSSEBundle = void 0; | ||
| /* | ||
@@ -25,2 +25,3 @@ Copyright 2023 The Sigstore Authors. | ||
| Object.defineProperty(exports, "BUNDLE_V02_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V02_MEDIA_TYPE; } }); | ||
| Object.defineProperty(exports, "BUNDLE_V03_LEGACY_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V03_LEGACY_MEDIA_TYPE; } }); | ||
| Object.defineProperty(exports, "BUNDLE_V03_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V03_MEDIA_TYPE; } }); | ||
@@ -27,0 +28,0 @@ Object.defineProperty(exports, "isBundleWithCertificateChain", { enumerable: true, get: function () { return bundle_1.isBundleWithCertificateChain; } }); |
@@ -77,3 +77,4 @@ "use strict"; | ||
| if (b.mediaType === undefined || | ||
| !b.mediaType.startsWith('application/vnd.dev.sigstore.bundle+json;version=')) { | ||
| (!b.mediaType.match(/^application\/vnd\.dev\.sigstore\.bundle\+json;version=\d\.\d/) && | ||
| !b.mediaType.match(/^application\/vnd\.dev\.sigstore\.bundle\.v\d\.\d\+json/))) { | ||
| invalidValues.push('mediaType'); | ||
@@ -80,0 +81,0 @@ } |
| { | ||
| "name": "@sigstore/bundle", | ||
| "version": "2.2.0", | ||
| "version": "2.3.1", | ||
| "description": "Sigstore bundle type", | ||
@@ -30,3 +30,3 @@ "main": "dist/index.js", | ||
| "dependencies": { | ||
| "@sigstore/protobuf-specs": "^0.3.0" | ||
| "@sigstore/protobuf-specs": "^0.3.1" | ||
| }, | ||
@@ -33,0 +33,0 @@ "engines": { |
@@ -24,3 +24,3 @@ "use strict"; | ||
| const SHA256_ALGORITHM = 'sha256'; | ||
| function createPublicKey(key) { | ||
| function createPublicKey(key, type = 'spki') { | ||
| if (typeof key === 'string') { | ||
@@ -30,3 +30,3 @@ return crypto_1.default.createPublicKey(key); | ||
| else { | ||
| return crypto_1.default.createPublicKey({ key, format: 'der', type: 'spki' }); | ||
| return crypto_1.default.createPublicKey({ key, format: 'der', type: type }); | ||
| } | ||
@@ -33,0 +33,0 @@ } |
| { | ||
| "name": "@sigstore/core", | ||
| "version": "1.0.0", | ||
| "version": "1.1.0", | ||
| "description": "Base library for Sigstore", | ||
@@ -5,0 +5,0 @@ "main": "dist/index.js", |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.TrustedRoot = exports.CertificateAuthority = exports.TransparencyLogInstance = void 0; | ||
| exports.ClientTrustConfig = exports.SigningConfig = exports.TrustedRoot = exports.CertificateAuthority = exports.TransparencyLogInstance = void 0; | ||
| /* eslint-disable */ | ||
@@ -101,4 +101,56 @@ const sigstore_common_1 = require("./sigstore_common"); | ||
| }; | ||
| function createBaseSigningConfig() { | ||
| return { caUrl: "", oidcUrl: "", tlogUrls: [], tsaUrls: [] }; | ||
| } | ||
| exports.SigningConfig = { | ||
| fromJSON(object) { | ||
| return { | ||
| caUrl: isSet(object.caUrl) ? String(object.caUrl) : "", | ||
| oidcUrl: isSet(object.oidcUrl) ? String(object.oidcUrl) : "", | ||
| tlogUrls: Array.isArray(object?.tlogUrls) ? object.tlogUrls.map((e) => String(e)) : [], | ||
| tsaUrls: Array.isArray(object?.tsaUrls) ? object.tsaUrls.map((e) => String(e)) : [], | ||
| }; | ||
| }, | ||
| toJSON(message) { | ||
| const obj = {}; | ||
| message.caUrl !== undefined && (obj.caUrl = message.caUrl); | ||
| message.oidcUrl !== undefined && (obj.oidcUrl = message.oidcUrl); | ||
| if (message.tlogUrls) { | ||
| obj.tlogUrls = message.tlogUrls.map((e) => e); | ||
| } | ||
| else { | ||
| obj.tlogUrls = []; | ||
| } | ||
| if (message.tsaUrls) { | ||
| obj.tsaUrls = message.tsaUrls.map((e) => e); | ||
| } | ||
| else { | ||
| obj.tsaUrls = []; | ||
| } | ||
| return obj; | ||
| }, | ||
| }; | ||
| function createBaseClientTrustConfig() { | ||
| return { mediaType: "", trustedRoot: undefined, signingConfig: undefined }; | ||
| } | ||
| exports.ClientTrustConfig = { | ||
| fromJSON(object) { | ||
| return { | ||
| mediaType: isSet(object.mediaType) ? String(object.mediaType) : "", | ||
| trustedRoot: isSet(object.trustedRoot) ? exports.TrustedRoot.fromJSON(object.trustedRoot) : undefined, | ||
| signingConfig: isSet(object.signingConfig) ? exports.SigningConfig.fromJSON(object.signingConfig) : undefined, | ||
| }; | ||
| }, | ||
| toJSON(message) { | ||
| const obj = {}; | ||
| message.mediaType !== undefined && (obj.mediaType = message.mediaType); | ||
| message.trustedRoot !== undefined && | ||
| (obj.trustedRoot = message.trustedRoot ? exports.TrustedRoot.toJSON(message.trustedRoot) : undefined); | ||
| message.signingConfig !== undefined && | ||
| (obj.signingConfig = message.signingConfig ? exports.SigningConfig.toJSON(message.signingConfig) : undefined); | ||
| return obj; | ||
| }, | ||
| }; | ||
| function isSet(value) { | ||
| return value !== null && value !== undefined; | ||
| } |
| { | ||
| "name": "@sigstore/protobuf-specs", | ||
| "version": "0.3.0", | ||
| "version": "0.3.1", | ||
| "description": "code-signing for npm packages", | ||
@@ -24,3 +24,3 @@ "main": "dist/index.js", | ||
| "devDependencies": { | ||
| "@tsconfig/node14": "^1.0.3", | ||
| "@tsconfig/node16": "^16.1.1", | ||
| "@types/node": "^18.14.0", | ||
@@ -30,4 +30,4 @@ "typescript": "^4.9.5" | ||
| "engines": { | ||
| "node": "^14.17.0 || ^16.13.0 || >=18.0.0" | ||
| "node": "^16.14.0 || >=18.0.0" | ||
| } | ||
| } |
@@ -59,3 +59,3 @@ "use strict"; | ||
| // DSSE envelope bundle - $case: 'dsseEnvelope' | ||
| function toDSSEBundle(artifact, signature) { | ||
| function toDSSEBundle(artifact, signature, singleCertificate) { | ||
| return sigstore.toDSSEBundle({ | ||
@@ -69,4 +69,5 @@ artifact: artifact.data, | ||
| keyHint: signature.key.$case === 'publicKey' ? signature.key.hint : undefined, | ||
| singleCertificate, | ||
| }); | ||
| } | ||
| exports.toDSSEBundle = toDSSEBundle; |
@@ -26,2 +26,3 @@ "use strict"; | ||
| super(options); | ||
| this.singleCertificate = options.singleCertificate ?? false; | ||
| } | ||
@@ -36,3 +37,3 @@ // DSSE requires the artifact to be pre-encoded with the payload type | ||
| async package(artifact, signature) { | ||
| return (0, bundle_1.toDSSEBundle)(artifactDefaults(artifact), signature); | ||
| return (0, bundle_1.toDSSEBundle)(artifactDefaults(artifact), signature, this.singleCertificate); | ||
| } | ||
@@ -39,0 +40,0 @@ } |
| { | ||
| "name": "@sigstore/sign", | ||
| "version": "2.2.3", | ||
| "version": "2.3.0", | ||
| "description": "Sigstore signing library", | ||
@@ -30,3 +30,3 @@ "main": "dist/index.js", | ||
| "@sigstore/jest": "^0.0.0", | ||
| "@sigstore/mock": "^0.6.5", | ||
| "@sigstore/mock": "^0.7.0", | ||
| "@sigstore/rekor-types": "^2.0.0", | ||
@@ -36,5 +36,5 @@ "@types/make-fetch-happen": "^10.0.4" | ||
| "dependencies": { | ||
| "@sigstore/bundle": "^2.2.0", | ||
| "@sigstore/bundle": "^2.3.0", | ||
| "@sigstore/core": "^1.0.0", | ||
| "@sigstore/protobuf-specs": "^0.3.0", | ||
| "@sigstore/protobuf-specs": "^0.3.1", | ||
| "make-fetch-happen": "^13.0.0" | ||
@@ -41,0 +41,0 @@ }, |
@@ -45,3 +45,3 @@ "use strict"; | ||
| // Ensure that the signature in the bundle's DSSE matches tlog entry | ||
| if (!content.compareSignature(Buffer.from(tlogSig, 'base64'))) | ||
| if (!content.compareSignature(Buffer.from(tlogSig, 'base64'))) { | ||
| throw new error_1.VerificationError({ | ||
@@ -51,2 +51,3 @@ code: 'TLOG_BODY_ERROR', | ||
| }); | ||
| } | ||
| // Ensure the digest of the bundle's DSSE payload matches the digest in the | ||
@@ -53,0 +54,0 @@ // tlog entry |
@@ -20,2 +20,3 @@ "use strict"; | ||
| const core_1 = require("@sigstore/core"); | ||
| const protobuf_specs_1 = require("@sigstore/protobuf-specs"); | ||
| const error_1 = require("../error"); | ||
@@ -39,5 +40,13 @@ const BEGINNING_OF_TIME = new Date(0); | ||
| function createTLogAuthority(tlogInstance) { | ||
| const keyDetails = tlogInstance.publicKey.keyDetails; | ||
| const keyType = keyDetails === protobuf_specs_1.PublicKeyDetails.PKCS1_RSA_PKCS1V5 || | ||
| keyDetails === protobuf_specs_1.PublicKeyDetails.PKIX_RSA_PKCS1V5 || | ||
| keyDetails === protobuf_specs_1.PublicKeyDetails.PKIX_RSA_PKCS1V15_2048_SHA256 || | ||
| keyDetails === protobuf_specs_1.PublicKeyDetails.PKIX_RSA_PKCS1V15_3072_SHA256 || | ||
| keyDetails === protobuf_specs_1.PublicKeyDetails.PKIX_RSA_PKCS1V15_4096_SHA256 | ||
| ? 'pkcs1' | ||
| : 'spki'; | ||
| return { | ||
| logID: tlogInstance.logId.keyId, | ||
| publicKey: core_1.crypto.createPublicKey(tlogInstance.publicKey.rawBytes), | ||
| publicKey: core_1.crypto.createPublicKey(tlogInstance.publicKey.rawBytes, keyType), | ||
| validFor: { | ||
@@ -44,0 +53,0 @@ start: tlogInstance.publicKey.validFor?.start || BEGINNING_OF_TIME, |
| { | ||
| "name": "@sigstore/verify", | ||
| "version": "1.1.0", | ||
| "version": "1.2.0", | ||
| "description": "Verification of Sigstore signatures", | ||
@@ -29,5 +29,5 @@ "main": "dist/index.js", | ||
| "dependencies": { | ||
| "@sigstore/protobuf-specs": "^0.3.0", | ||
| "@sigstore/bundle": "^2.2.0", | ||
| "@sigstore/core": "^1.0.0" | ||
| "@sigstore/protobuf-specs": "^0.3.1", | ||
| "@sigstore/bundle": "^2.3.1", | ||
| "@sigstore/core": "^1.1.0" | ||
| }, | ||
@@ -34,0 +34,0 @@ "engines": { |
| 'use strict' | ||
| const semver = require('semver') | ||
| const satisfies = require('semver/functions/satisfies') | ||
@@ -63,3 +63,3 @@ const permanentModules = [ | ||
| for (const [name, semverRange] of Object.entries(versionLockedModules)) { | ||
| if (version === '*' || semver.satisfies(version, semverRange)) { | ||
| if (version === '*' || satisfies(version, semverRange)) { | ||
| builtins.push(name) | ||
@@ -73,3 +73,3 @@ } | ||
| !builtins.includes(name) && | ||
| (version === '*' || semver.satisfies(version, semverRange)) | ||
| (version === '*' || satisfies(version, semverRange)) | ||
| ) { | ||
@@ -76,0 +76,0 @@ builtins.push(name) |
| { | ||
| "name": "builtins", | ||
| "version": "5.0.1", | ||
| "version": "5.1.0", | ||
| "description": "List of node.js builtin modules", | ||
@@ -10,3 +10,3 @@ "repository": "juliangruber/builtins", | ||
| "scripts": { | ||
| "test": "prettier-standard && standard && node-core-test" | ||
| "test": "standard --fix && node--test" | ||
| }, | ||
@@ -17,6 +17,5 @@ "dependencies": { | ||
| "devDependencies": { | ||
| "node-core-test": "^1.4.0", | ||
| "prettier-standard": "^15.0.1", | ||
| "standard": "^14.3.4" | ||
| "standard": "^17.0.0", | ||
| "test": "^3.0.0" | ||
| } | ||
| } |
| { | ||
| "name": "cidr-regex", | ||
| "version": "4.0.3", | ||
| "version": "4.0.5", | ||
| "description": "Regular expression for matching IP addresses in CIDR notation", | ||
@@ -25,9 +25,10 @@ "author": "silverwind <me@silverwind.io>", | ||
| "devDependencies": { | ||
| "eslint": "8.37.0", | ||
| "eslint-config-silverwind": "65.1.3", | ||
| "tsd": "0.28.1", | ||
| "updates": "13.2.9", | ||
| "versions": "10.4.2", | ||
| "vitest": "0.29.8" | ||
| "eslint": "8.57.0", | ||
| "eslint-config-silverwind": "83.0.1", | ||
| "tsd": "0.31.0", | ||
| "updates": "16.0.0", | ||
| "versions": "12.0.1", | ||
| "vitest": "1.4.0", | ||
| "vitest-config-silverwind": "7.0.3" | ||
| } | ||
| } |
| { | ||
| "name": "hasown", | ||
| "version": "2.0.1", | ||
| "version": "2.0.2", | ||
| "description": "A robust, ES3 compatible, \"has own property\" predicate.", | ||
@@ -21,2 +21,3 @@ "main": "index.js", | ||
| "tsc": "tsc -p .", | ||
| "posttsc": "attw -P", | ||
| "tests-only": "nyc tape 'test/**/*.js'", | ||
@@ -54,3 +55,5 @@ "test": "npm run tests-only", | ||
| "devDependencies": { | ||
| "@arethetypeswrong/cli": "^0.15.1", | ||
| "@ljharb/eslint-config": "^21.1.0", | ||
| "@ljharb/tsconfig": "^0.2.0", | ||
| "@types/function-bind": "^1.1.10", | ||
@@ -68,3 +71,3 @@ "@types/mock-property": "^1.0.2", | ||
| "safe-publish-latest": "^2.0.0", | ||
| "tape": "^5.7.4", | ||
| "tape": "^5.7.5", | ||
| "typescript": "next" | ||
@@ -71,0 +74,0 @@ }, |
| { | ||
| "compilerOptions": { | ||
| /* Visit https://aka.ms/tsconfig to read more about this file */ | ||
| /* Projects */ | ||
| /* Language and Environment */ | ||
| "target": "es2016", /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */ | ||
| // "lib": [], /* Specify a set of bundled library declaration files that describe the target runtime environment. */ | ||
| // "noLib": true, /* Disable including any library files, including the default lib.d.ts. */ | ||
| "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */ | ||
| // "moduleDetection": "auto", /* Control what method is used to detect module-format JS files. */ | ||
| /* Modules */ | ||
| "module": "commonjs", /* Specify what module code is generated. */ | ||
| // "rootDir": "./", /* Specify the root folder within your source files. */ | ||
| // "moduleResolution": "node10", /* Specify how TypeScript looks up a file from a given module specifier. */ | ||
| // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */ | ||
| // "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */ | ||
| // "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */ | ||
| "typeRoots": ["types"], /* Specify multiple folders that act like './node_modules/@types'. */ | ||
| "resolveJsonModule": true, /* Enable importing .json files. */ | ||
| // "allowArbitraryExtensions": true, /* Enable importing files with any extension, provided a declaration file is present. */ | ||
| /* JavaScript Support */ | ||
| "allowJs": true, /* Allow JavaScript files to be a part of your program. Use the 'checkJS' option to get errors from these files. */ | ||
| "checkJs": true, /* Enable error reporting in type-checked JavaScript files. */ | ||
| "maxNodeModuleJsDepth": 1, /* Specify the maximum folder depth used for checking JavaScript files from 'node_modules'. Only applicable with 'allowJs'. */ | ||
| /* Emit */ | ||
| "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */ | ||
| "declarationMap": true, /* Create sourcemaps for d.ts files. */ | ||
| "noEmit": true, /* Disable emitting files from a compilation. */ | ||
| /* Interop Constraints */ | ||
| "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */ | ||
| "esModuleInterop": true, /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */ | ||
| "forceConsistentCasingInFileNames": true, /* Ensure that casing is correct in imports. */ | ||
| /* Type Checking */ | ||
| "strict": true, /* Enable all strict type-checking options. */ | ||
| /* Completeness */ | ||
| //"skipLibCheck": true /* Skip type checking all .d.ts files. */ | ||
| }, | ||
| "extends": "@ljharb/tsconfig", | ||
| "exclude": [ | ||
| "coverage" | ||
| ] | ||
| "coverage", | ||
| ], | ||
| } |
| { | ||
| "name": "is-cidr", | ||
| "version": "5.0.3", | ||
| "version": "5.0.5", | ||
| "description": "Check if a string is an IP address in CIDR notation", | ||
@@ -22,12 +22,13 @@ "author": "silverwind <me@silverwind.io>", | ||
| "dependencies": { | ||
| "cidr-regex": "4.0.3" | ||
| "cidr-regex": "^4.0.4" | ||
| }, | ||
| "devDependencies": { | ||
| "eslint": "8.37.0", | ||
| "eslint-config-silverwind": "65.1.3", | ||
| "tsd": "0.28.1", | ||
| "updates": "13.2.9", | ||
| "versions": "10.4.2", | ||
| "vitest": "0.29.8" | ||
| "eslint": "8.57.0", | ||
| "eslint-config-silverwind": "83.0.1", | ||
| "tsd": "0.31.0", | ||
| "updates": "16.0.0", | ||
| "versions": "12.0.1", | ||
| "vitest": "1.4.0", | ||
| "vitest-config-silverwind": "7.0.3" | ||
| } | ||
| } |
| { | ||
| "name": "libnpmdiff", | ||
| "version": "6.0.8", | ||
| "version": "6.0.9", | ||
| "description": "The registry diff", | ||
@@ -5,0 +5,0 @@ "repository": { |
| { | ||
| "name": "libnpmexec", | ||
| "version": "7.0.9", | ||
| "version": "7.0.10", | ||
| "files": [ | ||
@@ -5,0 +5,0 @@ "bin/", |
| { | ||
| "name": "libnpmfund", | ||
| "version": "5.0.6", | ||
| "version": "5.0.7", | ||
| "main": "lib/index.js", | ||
@@ -5,0 +5,0 @@ "files": [ |
| { | ||
| "name": "libnpmpack", | ||
| "version": "6.0.8", | ||
| "version": "6.0.9", | ||
| "description": "Programmatic API for the bits behind npm pack", | ||
@@ -5,0 +5,0 @@ "author": "GitHub Inc.", |
| { | ||
| "name": "postcss-selector-parser", | ||
| "version": "6.0.15", | ||
| "version": "6.0.16", | ||
| "devDependencies": { | ||
@@ -36,3 +36,4 @@ "@babel/cli": "^7.11.6", | ||
| "scripts": { | ||
| "pretest": "eslint src && tsc --noEmit postcss-selector-parser.d.ts", | ||
| "typecheck": "tsc --noEmit --strict postcss-selector-parser.d.ts postcss-selector-parser.test.ts", | ||
| "pretest": "eslint src && npm run typecheck", | ||
| "prepare": "del-cli dist && BABEL_ENV=publish babel src --out-dir dist --ignore /__tests__/", | ||
@@ -39,0 +40,0 @@ "lintfix": "eslint --fix src", |
| { | ||
| "name": "sigstore", | ||
| "version": "2.2.2", | ||
| "version": "2.3.0", | ||
| "description": "code-signing for npm packages", | ||
@@ -32,3 +32,3 @@ "main": "dist/index.js", | ||
| "@sigstore/jest": "^0.0.0", | ||
| "@sigstore/mock": "^0.6.5", | ||
| "@sigstore/mock": "^0.7.0", | ||
| "@tufjs/repo-mock": "^2.0.0", | ||
@@ -38,8 +38,8 @@ "@types/make-fetch-happen": "^10.0.4" | ||
| "dependencies": { | ||
| "@sigstore/bundle": "^2.2.0", | ||
| "@sigstore/bundle": "^2.3.1", | ||
| "@sigstore/core": "^1.0.0", | ||
| "@sigstore/protobuf-specs": "^0.3.0", | ||
| "@sigstore/sign": "^2.2.3", | ||
| "@sigstore/protobuf-specs": "^0.3.1", | ||
| "@sigstore/sign": "^2.3.0", | ||
| "@sigstore/tuf": "^2.3.1", | ||
| "@sigstore/verify": "^1.1.0" | ||
| "@sigstore/verify": "^1.2.0" | ||
| }, | ||
@@ -46,0 +46,0 @@ "engines": { |
@@ -97,2 +97,3 @@ "use strict"; | ||
| this.timeout = opts?.timeout ?? null; | ||
| this.socketOptions = opts?.socketOptions ?? null; | ||
| } | ||
@@ -132,2 +133,5 @@ /** | ||
| timeout: timeout ?? undefined, | ||
| // @ts-expect-error the type supplied by socks for socket_options is wider | ||
| // than necessary since socks will always override the host and port | ||
| socket_options: this.socketOptions ?? undefined, | ||
| }; | ||
@@ -134,0 +138,0 @@ const cleanup = (tlsSocket) => { |
| { | ||
| "name": "socks-proxy-agent", | ||
| "version": "8.0.2", | ||
| "version": "8.0.3", | ||
| "description": "A SOCKS proxy `http.Agent` implementation for HTTP and HTTPS", | ||
@@ -110,3 +110,3 @@ "main": "./dist/index.js", | ||
| "dependencies": { | ||
| "agent-base": "^7.0.2", | ||
| "agent-base": "^7.1.1", | ||
| "debug": "^4.3.4", | ||
@@ -113,0 +113,0 @@ "socks": "^2.7.1" |
@@ -155,3 +155,7 @@ "use strict"; | ||
| const address = new ip_address_1.Address6(ip); | ||
| return Buffer.from(address.toByteArray()); | ||
| return Buffer.from(address | ||
| .canonicalForm() | ||
| .split(':') | ||
| .map((segment) => segment.padStart(4, '0')) | ||
| .join(''), 'hex'); | ||
| } | ||
@@ -158,0 +162,0 @@ else { |
| { | ||
| "name": "socks", | ||
| "private": false, | ||
| "version": "2.8.0", | ||
| "version": "2.8.3", | ||
| "description": "Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality.", | ||
@@ -26,3 +26,3 @@ "main": "build/index.js", | ||
| "engines": { | ||
| "node": ">= 16.0.0", | ||
| "node": ">= 10.0.0", | ||
| "npm": ">= 3.0.0" | ||
@@ -56,4 +56,5 @@ }, | ||
| "lint": "eslint 'src/**/*.ts'", | ||
| "build": "rm -rf build typings && prettier --write ./src/**/*.ts --config .prettierrc.yaml && tsc -p ." | ||
| "build": "rm -rf build typings && prettier --write ./src/**/*.ts --config .prettierrc.yaml && tsc -p .", | ||
| "build-raw": "rm -rf build typings && tsc -p ." | ||
| } | ||
| } |
| { | ||
| "name": "spdx-expression-parse", | ||
| "description": "parse SPDX license expressions", | ||
| "version": "3.0.1", | ||
| "version": "4.0.0", | ||
| "author": "Kyle E. Mitchell <kyle@kemitchell.com> (https://kemitchell.com)", | ||
@@ -6,0 +6,0 @@ "files": [ |
@@ -40,3 +40,3 @@ 'use strict' | ||
| var string | ||
| var possibilities = ['WITH', 'AND', 'OR', '(', ')', ':', '+'] | ||
| var possibilities = [/^WITH/i, /^AND/i, /^OR/i, '(', ')', ':', '+'] | ||
| for (var i = 0; i < possibilities.length; i++) { | ||
@@ -55,3 +55,3 @@ string = read(possibilities[i]) | ||
| type: 'OPERATOR', | ||
| string: string | ||
| string: string.toUpperCase() | ||
| } | ||
@@ -58,0 +58,0 @@ } |
| { | ||
| "version": "10.5.1", | ||
| "version": "10.5.2", | ||
| "name": "npm", | ||
@@ -58,4 +58,4 @@ "description": "a package manager for JavaScript", | ||
| "@npmcli/fs": "^3.1.0", | ||
| "@npmcli/map-workspaces": "^3.0.4", | ||
| "@npmcli/package-json": "^5.0.0", | ||
| "@npmcli/map-workspaces": "^3.0.6", | ||
| "@npmcli/package-json": "^5.0.2", | ||
| "@npmcli/promise-spawn": "^7.0.1", | ||
@@ -80,3 +80,3 @@ "@npmcli/redact": "^1.1.0", | ||
| "init-package-json": "^6.0.2", | ||
| "is-cidr": "^5.0.3", | ||
| "is-cidr": "^5.0.5", | ||
| "json-parse-even-better-errors": "^3.0.1", | ||
@@ -117,3 +117,3 @@ "libnpmaccess": "^8.0.1", | ||
| "semver": "^7.6.0", | ||
| "spdx-expression-parse": "^3.0.1", | ||
| "spdx-expression-parse": "^4.0.0", | ||
| "ssri": "^10.0.5", | ||
@@ -205,3 +205,3 @@ "supports-color": "^9.4.0", | ||
| "@npmcli/eslint-config": "^4.0.2", | ||
| "@npmcli/git": "^5.0.4", | ||
| "@npmcli/git": "^5.0.5", | ||
| "@npmcli/mock-globals": "^1.0.0", | ||
@@ -208,0 +208,0 @@ "@npmcli/mock-registry": "^1.0.0", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.27%
10214719
- Number of package files
- increased by0.6%
2018
- Lines of code
- increased by0.43%
140918
Dependency changes
Updated@npmcli/package-json@^5.0.2
Updatedis-cidr@^5.0.5
Updatedspdx-expression-parse@^4.0.0