Socket
Socket
Sign inDemoInstall

pacote

Package Overview
Dependencies
143
Maintainers
1
Versions
220
Alerts
File Explorer

Advanced tools

npm Scripts
License

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 0.1.0 to 0.1.1

11

extract.js
var cache = require('./lib/cache')
var gunzip = require('./lib/util/gunzip-maybe')
var extractStream = require('./lib/util/extract-stream')
var pipe = require('mississippi').pipe
var pipeline = require('mississippi').pipeline
var optCheck = require('./lib/util/opt-check')
var rps = require('realize-package-specifier')
var tar = require('tar-fs')

@@ -16,8 +14,3 @@ module.exports = extract

opts = optCheck(opts)
var xtractor = pipeline(gunzip(), tar.extract(dest, {
map: function (header) {
header.name = header.name.replace(/^package\//, '')
return header
}
}))
var xtractor = extractStream(dest, opts)
var caStream = cache.get.stream.byDigest(opts.cache, opts.digest, opts)

@@ -24,0 +17,0 @@ if (opts.digest) {

34

lib/registry/manifest.js

@@ -1,2 +0,2 @@

var request = require('./request')
var extractShrinkwrap = require('../util/extract-shrinkwrap')
var optCheck = require('../util/opt-check')

@@ -6,2 +6,4 @@ var pickManifest = require('./pick-manifest')

var url = require('url')
var request = require('./request')
var tarball = require('./tarball')

@@ -34,3 +36,3 @@ module.exports = manifest

)
cb(null, manifest)
ensureShrinkwrap(manifest, registry, opts, cb)
})

@@ -46,1 +48,29 @@ })

}
function ensureShrinkwrap (manifest, registry, opts, cb) {
if (manifest._hasShrinkwrap === false || manifest._shrinkwrap || !manifest.dist) {
opts.log.silly('registry.manifest', 'shrinkwrap extraction not needed')
cb(null, manifest)
} else {
opts.log.silly('registry.manifest', 'extracting shrinkwrap')
opts.memoize = false
var shrinkwrap
var tarstream = tarball.fromManifest(manifest, registry, opts)
extractShrinkwrap(tarstream, opts, function (err, sr) {
if (err) { return cb(err) }
shrinkwrap = sr
})
tarstream.on('data', function () {})
tarstream.on('error', cb)
tarstream.on('end', function () {
manifest._hasShrinkwrap = !!shrinkwrap
manifest._shrinkwrap = shrinkwrap
if (shrinkwrap) {
opts.log.silly('registry.manifest', 'shrinkwrap found')
} else {
opts.log.silly('registry.manifest', 'no shrinkwrap')
}
cb(null, manifest)
})
}
}

5

lib/registry/request.js

@@ -145,4 +145,5 @@ var cache = require('../cache')

!meta.time ||
meta.cacheControl === 'immutable' ||
opts.preferOffline || opts.offline) {
(meta.cacheControl && meta.cacheControl.toLowerCase() === 'immutable') ||
opts.preferOffline ||
opts.offline) {
opts.log.silly('registry.get', 'skipping staleness check for')

@@ -149,0 +150,0 @@ return false

15

lib/registry/tarball.js

@@ -23,9 +23,4 @@ var manifest = require('./manifest')

)
var uri = manifest.dist && manifest.dist.tarball
if (!uri) {
return stream.emit('error', new Error('tarball uri missing'))
}
opts.digest = manifest.dist.shasum
pipe(
request.stream(uri, registry, opts),
fromManifest(manifest, registry),
stream

@@ -36,1 +31,9 @@ )

}
module.exports.fromManifest = fromManifest
function fromManifest (manifest, registry, opts) {
opts = optCheck(opts)
var uri = manifest.dist && manifest.dist.tarball
opts.digest = manifest.dist && manifest.dist.shasum
return request.stream(uri, registry, opts)
}

4

lib/util/extract-shrinkwrap.js
var finished = require('mississippi').finished
var gunzip = require('gunzip-maybe')
var gunzip = require('./gunzip-maybe')
var pipe = require('mississippi').pipe

@@ -47,3 +47,3 @@ var pipeline = require('mississippi').pipeline

// from continuing to waste resources on tarball parsing.
unzipped.destroy()
unzipped.unpipe()
cb(null, shrinkwrap)

@@ -50,0 +50,0 @@ })

2

lib/util/extract-stream.js

@@ -1,2 +0,2 @@

var gunzip = require('gunzip-maybe')
var gunzip = require('./gunzip-maybe')
var path = require('path')

@@ -3,0 +3,0 @@ var pipeline = require('mississippi').pipeline

3

package.json
{
"name": "pacote",
"version": "0.1.0",
"version": "0.1.1",
"description": "JavaScript package downloader",

@@ -27,3 +27,2 @@ "main": "index.js",

"dezalgo": "^1.0.3",
"gunzip-maybe": "^1.3.1",
"inflight": "^1.0.6",

@@ -30,0 +29,0 @@ "mississippi": "^1.2.0",

15

README.md

@@ -31,9 +31,8 @@ # pacote [![npm version](https://img.shields.io/npm/v/pacote.svg)](https://npm.im/pacote) [![license](https://img.shields.io/npm/l/pacote.svg)](https://npm.im/pacote) [![Travis](https://img.shields.io/travis/zkat/pacote.svg)](https://travis-ci.org/zkat/pacote) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/pacote?svg=true)](https://ci.appveyor.com/project/zkat/pacote) [![Coverage Status](https://coveralls.io/repos/github/zkat/pacote/badge.svg?branch=latest)](https://coveralls.io/github/zkat/pacote?branch=latest)

pacote.manifest('pacote@^1', function (err, pkg) {
console.log('package.json from github: ', pkg)
console.log('package manifest for registry pkg:', pkg)
// { "name": "pacote", "version": "1.0.0", ... }
})
pacote.extract('http://hi.com/pkg.tgz', 'deadbeef', './-here', function (err) {
console.log('if `deadbeef` is present in the cache, network is skipped')
console.log('tarball contents extracted to ./here')
pacote.extract('http://hi.com/pkg.tgz', './here', function (err) {
console.log('remote tarball contents extracted to ./here')
})

@@ -45,4 +44,5 @@ ```

* simple interface to common package-related actions.
* supports all package types.
* fault-tolerant, fast, content-addressable cache.
* supports all package types npm does.
* fast cache
* offline mode
* authentication support (private git, private npm registries, etc)

@@ -68,5 +68,2 @@ * npm-compatible for all relevant operations

Manifests returned will additionally include the `npm-shrinkwrap.json`
associated with the published package, if any.
##### Example

@@ -73,0 +70,0 @@

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc