Comparing version 12.0.3 to 13.0.0
@@ -7,3 +7,5 @@ #!/usr/bin/env node | ||
case 'resolve': | ||
if (conf.long) | ||
case 'manifest': | ||
case 'packument': | ||
if (conf._[0] === 'resolve' && conf.long) { | ||
return pacote.manifest(conf._[1], conf).then(mani => ({ | ||
@@ -14,4 +16,3 @@ resolved: mani._resolved, | ||
})) | ||
case 'manifest': | ||
case 'packument': | ||
} | ||
return pacote[conf._[0]](conf._[1], conf) | ||
@@ -23,8 +24,9 @@ | ||
stream.pipe(conf.testStdout || | ||
/* istanbul ignore next */ process.stdout) | ||
/* istanbul ignore next */ process.stdout) | ||
// make sure it resolves something falsey | ||
return stream.promise().then(() => {}) | ||
}, conf) | ||
} else | ||
} else { | ||
return pacote.tarball.file(conf._[1], conf._[2], conf) | ||
} | ||
@@ -87,4 +89,5 @@ case 'extract': | ||
const conf = parse(args) | ||
if (conf.help || conf.h) | ||
if (conf.help || conf.h) { | ||
return console.log(usage()) | ||
} | ||
@@ -128,10 +131,10 @@ if (!addedLogListener) { | ||
args.forEach(arg => { | ||
if (dashdash) | ||
if (dashdash) { | ||
conf._.push(arg) | ||
else if (arg === '--') | ||
} else if (arg === '--') { | ||
dashdash = true | ||
else if (arg === '-h') | ||
} else if (arg === '-h') { | ||
conf.help = true | ||
else if (/^--/.test(arg)) { | ||
const {key, value} = parseArg(arg) | ||
} else if (/^--/.test(arg)) { | ||
const { key, value } = parseArg(arg) | ||
conf[key] = value | ||
@@ -145,5 +148,5 @@ } else { | ||
if (module === require.main) | ||
if (module === require.main) { | ||
main(process.argv.slice(2)) | ||
else | ||
} else { | ||
module.exports = { | ||
@@ -156,1 +159,2 @@ main, | ||
} | ||
} |
const Fetcher = require('./fetcher.js') | ||
const FileFetcher = require('./file.js') | ||
const cacache = require('cacache') | ||
const Minipass = require('minipass') | ||
const { promisify } = require('util') | ||
const readPackageJson = require('read-package-json-fast') | ||
const tarCreateOptions = require('./util/tar-create-options.js') | ||
@@ -12,2 +9,3 @@ const packlist = require('npm-packlist') | ||
const { resolve } = require('path') | ||
const _readPackageJson = Symbol.for('package.Fetcher._readPackageJson') | ||
@@ -35,4 +33,5 @@ const runScript = require('@npmcli/run-script') | ||
return this.manifest().then(mani => { | ||
if (!mani.scripts || !mani.scripts.prepare) | ||
if (!mani.scripts || !mani.scripts.prepare) { | ||
return | ||
} | ||
@@ -44,6 +43,5 @@ // we *only* run prepare. | ||
// hide the banner if loglevel is silent, or if prepare running | ||
// hide the banner if silent opt is passed in, or if prepare running | ||
// in the background. | ||
const banner = this.opts.log && this.opts.log.level === 'silent' ? false | ||
: stdio === 'inherit' | ||
const banner = this.opts.silent ? false : stdio === 'inherit' | ||
@@ -82,6 +80,7 @@ return runScript({ | ||
manifest () { | ||
if (this.package) | ||
if (this.package) { | ||
return Promise.resolve(this.package) | ||
} | ||
return readPackageJson(this.resolved + '/package.json') | ||
return this[_readPackageJson](this.resolved + '/package.json') | ||
.then(mani => this.package = { | ||
@@ -88,0 +87,0 @@ ...mani, |
@@ -12,3 +12,3 @@ // This is the base class that the other fetcher types in lib | ||
const tar = require('tar') | ||
const procLog = require('./util/proc-log.js') | ||
const log = require('proc-log') | ||
const retry = require('promise-retry') | ||
@@ -18,3 +18,6 @@ const fsm = require('fs-minipass') | ||
const isPackageBin = require('./util/is-package-bin.js') | ||
const removeTrailingSlashes = require('./util/trailing-slashes.js') | ||
const getContents = require('@npmcli/installed-package-contents') | ||
const readPackageJsonFast = require('read-package-json-fast') | ||
const readPackageJson = promisify(require('read-package-json')) | ||
@@ -46,7 +49,9 @@ // we only change ownership on unix platforms, and only if uid is 0 | ||
const _cacheFetches = Symbol.for('pacote.Fetcher._cacheFetches') | ||
const _readPackageJson = Symbol.for('package.Fetcher._readPackageJson') | ||
class FetcherBase { | ||
constructor (spec, opts) { | ||
if (!opts || typeof opts !== 'object') | ||
if (!opts || typeof opts !== 'object') { | ||
throw new TypeError('options object is required') | ||
} | ||
this.spec = npa(spec, opts.where) | ||
@@ -68,3 +73,3 @@ | ||
// by adding/modifying the integrity value. | ||
this.opts = {...opts} | ||
this.opts = { ...opts } | ||
@@ -79,4 +84,5 @@ this.cache = opts.cache || cacheDir() | ||
if (typeof opts.integrity === 'string') | ||
if (typeof opts.integrity === 'string') { | ||
this.opts.integrity = ssri.parse(opts.integrity) | ||
} | ||
@@ -93,3 +99,2 @@ this.package = null | ||
this.umask = opts.umask || 0 | ||
this.log = opts.log || procLog | ||
@@ -102,6 +107,11 @@ this.preferOnline = !!opts.preferOnline | ||
this.fullMetadata = this.before ? true : !!opts.fullMetadata | ||
this.fullReadJson = !!opts.fullReadJson | ||
if (this.fullReadJson) { | ||
this[_readPackageJson] = readPackageJson | ||
} else { | ||
this[_readPackageJson] = readPackageJsonFast | ||
} | ||
this.defaultTag = opts.defaultTag || 'latest' | ||
this.registry = (opts.registry || 'https://registry.npmjs.org') | ||
.replace(/\/+$/, '') | ||
this.registry = removeTrailingSlashes(opts.registry || 'https://registry.npmjs.org') | ||
@@ -114,3 +124,3 @@ // command to run 'prepare' scripts on directories and git dirs | ||
// command to install deps for preparing | ||
this.npmInstallCmd = opts.npmInstallCmd || [ 'install', '--force' ] | ||
this.npmInstallCmd = opts.npmInstallCmd || ['install', '--force'] | ||
@@ -143,5 +153,7 @@ // XXX fill more of this in based on what we know from this.opts | ||
} | ||
set integrity (i) { | ||
if (!i) | ||
if (!i) { | ||
return | ||
} | ||
@@ -153,6 +165,7 @@ i = ssri.parse(i) | ||
// merge in NEW algos and hashes that we don't already have. | ||
if (current) | ||
if (current) { | ||
current.merge(i) | ||
else | ||
} else { | ||
this.opts.integrity = i | ||
} | ||
} | ||
@@ -225,4 +238,5 @@ | ||
// if not caching this, just pipe through to the istream and return it | ||
if (!this.opts.cache || !this[_cacheFetches]) | ||
if (!this.opts.cache || !this[_cacheFetches]) { | ||
return stream.pipe(istream) | ||
} | ||
@@ -302,17 +316,20 @@ // we have to return a stream that gets ALL the data, and proxies errors, | ||
) ? streamHandler(this[_tarballFromCache]()).catch(er => { | ||
if (this.isDataCorruptionError(er)) { | ||
this.log.warn('tarball', `cached data for ${ | ||
if (this.isDataCorruptionError(er)) { | ||
log.warn('tarball', `cached data for ${ | ||
this.spec | ||
} (${this.integrity}) seems to be corrupted. Refreshing cache.`) | ||
return this.cleanupCached().then(() => { throw er }) | ||
} else { | ||
throw er | ||
} | ||
}) : null | ||
return this.cleanupCached().then(() => { | ||
throw er | ||
}) | ||
} else { | ||
throw er | ||
} | ||
}) : null | ||
const fromResolved = er => { | ||
if (er) { | ||
if (!this.isRetriableError(er)) | ||
if (!this.isRetriableError(er)) { | ||
throw er | ||
this.log.silly('tarball', `no local data for ${ | ||
} | ||
log.silly('tarball', `no local data for ${ | ||
this.spec | ||
@@ -323,3 +340,3 @@ }. Extracting by manifest.`) | ||
streamHandler(this[_istream](this[_tarballFromResolved]())) | ||
.catch(er => { | ||
.catch(er => { | ||
// Most likely data integrity. A cache ENOENT error is unlikely | ||
@@ -329,10 +346,10 @@ // here, since we're definitely not reading from the cache, but it | ||
// entry got blown away or something. Try one more time to be sure. | ||
if (this.isRetriableError(er)) { | ||
this.log.warn('tarball', `tarball data for ${ | ||
if (this.isRetriableError(er)) { | ||
log.warn('tarball', `tarball data for ${ | ||
this.spec | ||
} (${this.integrity}) seems to be corrupted. Trying again.`) | ||
return this.cleanupCached().then(() => tryAgain(er)) | ||
} | ||
throw er | ||
}), { retries: 1, minTimeout: 0, maxTimeout: 0 })) | ||
return this.cleanupCached().then(() => tryAgain(er)) | ||
} | ||
throw er | ||
}), { retries: 1, minTimeout: 0, maxTimeout: 0 })) | ||
} | ||
@@ -354,3 +371,3 @@ | ||
[_empty] (path) { | ||
return getContents({path, depth: 1}).then(contents => Promise.all( | ||
return getContents({ path, depth: 1 }).then(contents => Promise.all( | ||
contents.map(entry => rimraf(entry)))) | ||
@@ -368,3 +385,3 @@ } | ||
? this[_empty](dest).then(() => mkdirp(dest)).then(() => ({})) | ||
: inferOwner(dest).then(({uid, gid}) => | ||
: inferOwner(dest).then(({ uid, gid }) => | ||
this[_empty](dest) | ||
@@ -379,3 +396,3 @@ .then(() => mkdirp(dest)) | ||
}) | ||
.then(() => ({uid, gid}))) | ||
.then(() => ({ uid, gid }))) | ||
} | ||
@@ -386,3 +403,3 @@ | ||
extract (dest) { | ||
return this[_mkdir](dest).then(({uid, gid}) => | ||
return this[_mkdir](dest).then(({ uid, gid }) => | ||
this.tarballStream(tarball => this[_extract](dest, tarball, uid, gid))) | ||
@@ -410,3 +427,3 @@ } | ||
? mkdirp(dir).then(() => this[_toFile](dest)) | ||
: inferOwner(dest).then(({uid, gid}) => | ||
: inferOwner(dest).then(({ uid, gid }) => | ||
mkdirp(dir).then(made => this[_toFile](dest) | ||
@@ -429,4 +446,4 @@ .then(res => this[_chown](made || dir, uid, gid) | ||
extractor.on('error', er => { | ||
this.log.warn('tar', er.message) | ||
this.log.silly('tar', er) | ||
log.warn('tar', er.message) | ||
log.silly('tar', er) | ||
reject(er) | ||
@@ -462,4 +479,5 @@ }) | ||
filter: (name, entry) => { | ||
if (/Link$/.test(entry.type)) | ||
if (/Link$/.test(entry.type)) { | ||
return false | ||
} | ||
entry.mode = this[_entryMode](entry.path, entry.mode, entry.type) | ||
@@ -471,9 +489,10 @@ // this replicates the npm pack behavior where .gitignore files | ||
const base = basename(entry.path) | ||
if (base === '.npmignore') | ||
if (base === '.npmignore') { | ||
sawIgnores.add(entry.path) | ||
else if (base === '.gitignore' && !this.allowGitIgnore) { | ||
} else if (base === '.gitignore' && !this.allowGitIgnore) { | ||
// rename, but only if there's not already a .npmignore | ||
const ni = entry.path.replace(/\.gitignore$/, '.npmignore') | ||
if (sawIgnores.has(ni)) | ||
if (sawIgnores.has(ni)) { | ||
return false | ||
} | ||
entry.path = ni | ||
@@ -487,4 +506,4 @@ } | ||
(code, msg, data) => { | ||
this.log.warn('tar', code, msg) | ||
this.log.silly('tar', code, msg, data) | ||
log.warn('tar', code, msg) | ||
log.silly('tar', code, msg, data) | ||
}, | ||
@@ -491,0 +510,0 @@ uid, |
const Fetcher = require('./fetcher.js') | ||
const fsm = require('fs-minipass') | ||
const cacache = require('cacache') | ||
const { promisify } = require('util') | ||
const readPackageJson = require('read-package-json-fast') | ||
const _tarballFromResolved = Symbol.for('pacote.Fetcher._tarballFromResolved') | ||
@@ -10,2 +8,3 @@ const _exeBins = Symbol('_exeBins') | ||
const fs = require('fs') | ||
const _readPackageJson = Symbol.for('package.Fetcher._readPackageJson') | ||
@@ -24,4 +23,5 @@ class FileFetcher extends Fetcher { | ||
manifest () { | ||
if (this.package) | ||
if (this.package) { | ||
return Promise.resolve(this.package) | ||
} | ||
@@ -31,14 +31,15 @@ // have to unpack the tarball for this. | ||
this.extract(dir) | ||
.then(() => readPackageJson(dir + '/package.json')) | ||
.then(mani => this.package = { | ||
...mani, | ||
_integrity: this.integrity && String(this.integrity), | ||
_resolved: this.resolved, | ||
_from: this.from, | ||
})) | ||
.then(() => this[_readPackageJson](dir + '/package.json')) | ||
.then(mani => this.package = { | ||
...mani, | ||
_integrity: this.integrity && String(this.integrity), | ||
_resolved: this.resolved, | ||
_from: this.from, | ||
})) | ||
} | ||
[_exeBins] (pkg, dest) { | ||
if (!pkg.bin) | ||
if (!pkg.bin) { | ||
return Promise.resolve() | ||
} | ||
@@ -52,7 +53,9 @@ return Promise.all(Object.keys(pkg.bin).map(k => new Promise(res => { | ||
fs.stat(script, (er, st) => { | ||
if (er) | ||
if (er) { | ||
return res() | ||
} | ||
const mode = st.mode | 0o111 | ||
if (mode === st.mode) | ||
if (mode === st.mode) { | ||
return res() | ||
} | ||
fs.chmod(script, mode, res) | ||
@@ -68,4 +71,4 @@ }) | ||
.then(result => this.package ? result | ||
: readPackageJson(dest + '/package.json').then(pkg => | ||
this[_exeBins](pkg, dest)).then(() => result)) | ||
: this[_readPackageJson](dest + '/package.json').then(pkg => | ||
this[_exeBins](pkg, dest)).then(() => result)) | ||
} | ||
@@ -83,3 +86,3 @@ | ||
'dist-tags': { | ||
[this.defaultTag]: mani.version | ||
[this.defaultTag]: mani.version, | ||
}, | ||
@@ -92,5 +95,5 @@ versions: { | ||
integrity: this.integrity && String(this.integrity), | ||
} | ||
} | ||
} | ||
}, | ||
}, | ||
}, | ||
})) | ||
@@ -97,0 +100,0 @@ } |
@@ -9,7 +9,5 @@ const Fetcher = require('./fetcher.js') | ||
const npa = require('npm-package-arg') | ||
const url = require('url') | ||
const Minipass = require('minipass') | ||
const cacache = require('cacache') | ||
const { promisify } = require('util') | ||
const readPackageJson = require('read-package-json-fast') | ||
const log = require('proc-log') | ||
const npm = require('./util/npm.js') | ||
@@ -28,2 +26,3 @@ | ||
const _prepareDir = Symbol('_prepareDir') | ||
const _readPackageJson = Symbol.for('package.Fetcher._readPackageJson') | ||
@@ -45,4 +44,5 @@ // get the repository url. | ||
this.resolvedRef = null | ||
if (this.spec.hosted) | ||
if (this.spec.hosted) { | ||
this.from = this.spec.hosted.shortcut({ noCommittish: false }) | ||
} | ||
@@ -57,4 +57,5 @@ // shortcut: avoid full clone when we can go straight to the tgz | ||
: this.spec.rawSpec | ||
} else | ||
} else { | ||
this.resolvedSha = '' | ||
} | ||
} | ||
@@ -74,4 +75,5 @@ | ||
// but in general, no reason to resolve() more than necessary! | ||
if (this.resolved) | ||
if (this.resolved) { | ||
return super.resolve() | ||
} | ||
@@ -94,8 +96,10 @@ // fetch the git repo and then look at the current hash | ||
// Throw early since we know pathspec errors will fail again if retried | ||
if (er instanceof git.errors.GitPathspecError) | ||
if (er instanceof git.errors.GitPathspecError) { | ||
throw er | ||
} | ||
const ssh = hosted.sshurl && hosted.sshurl() | ||
// no fallthrough if we can't fall through or have https auth | ||
if (!ssh || hosted.auth) | ||
if (!ssh || hosted.auth) { | ||
throw er | ||
} | ||
return this[_resolvedFromRepo](ssh) | ||
@@ -107,4 +111,5 @@ }) | ||
// XXX make this a custom error class | ||
if (!gitRemote) | ||
if (!gitRemote) { | ||
return Promise.reject(new Error(`No git url for ${this.spec}`)) | ||
} | ||
const gitRange = this.spec.gitRange | ||
@@ -114,15 +119,16 @@ const name = this.spec.name | ||
return gitRange ? pickManifest({ | ||
versions: remoteRefs.versions, | ||
'dist-tags': remoteRefs['dist-tags'], | ||
name, | ||
}, gitRange, this.opts) | ||
versions: remoteRefs.versions, | ||
'dist-tags': remoteRefs['dist-tags'], | ||
name, | ||
}, gitRange, this.opts) | ||
: this.spec.gitCommittish ? | ||
remoteRefs.refs[this.spec.gitCommittish] || | ||
remoteRefs.refs[remoteRefs.shas[this.spec.gitCommittish]] | ||
: remoteRefs.refs.HEAD // no git committish, get default head | ||
: remoteRefs.refs.HEAD // no git committish, get default head | ||
}).then(revDoc => { | ||
// the committish provided isn't in the rev list | ||
// things like HEAD~3 or @yesterday can land here. | ||
if (!revDoc || !revDoc.sha) | ||
if (!revDoc || !revDoc.sha) { | ||
return this[_resolvedFromClone]() | ||
} | ||
@@ -156,12 +162,13 @@ this.resolvedRef = revDoc | ||
[_prepareDir] (dir) { | ||
return readPackageJson(dir + '/package.json').then(mani => { | ||
return this[_readPackageJson](dir + '/package.json').then(mani => { | ||
// no need if we aren't going to do any preparation. | ||
const scripts = mani.scripts | ||
if (!scripts || !( | ||
scripts.postinstall || | ||
scripts.postinstall || | ||
scripts.build || | ||
scripts.preinstall || | ||
scripts.install || | ||
scripts.prepare)) | ||
scripts.prepare)) { | ||
return | ||
} | ||
@@ -178,3 +185,3 @@ // to avoid cases where we have an cycle of git deps that depend | ||
if (noPrepare.includes(this.resolved)) { | ||
this.log.info('prepare', 'skip prepare, already seen', this.resolved) | ||
log.info('prepare', 'skip prepare, already seen', this.resolved) | ||
return | ||
@@ -215,5 +222,5 @@ } | ||
}))).catch( | ||
/* istanbul ignore next: very unlikely and hard to test */ | ||
er => stream.emit('error', er) | ||
) | ||
/* istanbul ignore next: very unlikely and hard to test */ | ||
er => stream.emit('error', er) | ||
) | ||
return stream | ||
@@ -251,6 +258,7 @@ } | ||
// fall back to ssh download if tarball fails | ||
if (er.constructor.name.match(/^Http/)) | ||
if (er.constructor.name.match(/^Http/)) { | ||
return this[_clone](handler, false) | ||
else | ||
} else { | ||
throw er | ||
} | ||
}) | ||
@@ -264,6 +272,7 @@ } | ||
this.resolvedSha = sha | ||
if (!this.resolved) | ||
if (!this.resolved) { | ||
this[_addGitSha](sha) | ||
} | ||
}) | ||
.then(() => handler(tmp)) | ||
.then(() => handler(tmp)) | ||
}) | ||
@@ -282,8 +291,10 @@ } | ||
// Throw early since we know pathspec errors will fail again if retried | ||
if (er instanceof git.errors.GitPathspecError) | ||
if (er instanceof git.errors.GitPathspecError) { | ||
throw er | ||
} | ||
const ssh = hosted.sshurl && hosted.sshurl({ noCommittish: true }) | ||
// no fallthrough if we can't fall through or have https auth | ||
if (!ssh || hosted.auth) | ||
if (!ssh || hosted.auth) { | ||
throw er | ||
} | ||
return this[_cloneRepo](ssh, ref, tmp) | ||
@@ -299,4 +310,5 @@ }) | ||
manifest () { | ||
if (this.package) | ||
if (this.package) { | ||
return Promise.resolve(this.package) | ||
} | ||
@@ -306,9 +318,9 @@ return this.spec.hosted && this.resolved | ||
: this[_clone](dir => | ||
readPackageJson(dir + '/package.json') | ||
.then(mani => this.package = { | ||
...mani, | ||
_integrity: this.integrity && String(this.integrity), | ||
_resolved: this.resolved, | ||
_from: this.from, | ||
})) | ||
this[_readPackageJson](dir + '/package.json') | ||
.then(mani => this.package = { | ||
...mani, | ||
_integrity: this.integrity && String(this.integrity), | ||
_resolved: this.resolved, | ||
_from: this.from, | ||
})) | ||
} | ||
@@ -315,0 +327,0 @@ |
@@ -5,2 +5,3 @@ const Fetcher = require('./fetcher.js') | ||
const pacoteVersion = require('../package.json').version | ||
const removeTrailingSlashes = require('./util/trailing-slashes.js') | ||
const npa = require('npm-package-arg') | ||
@@ -10,3 +11,2 @@ const rpj = require('read-package-json-fast') | ||
const ssri = require('ssri') | ||
const Minipass = require('minipass') | ||
@@ -37,6 +37,7 @@ // Corgis are cute. 🐕🐶 | ||
this.spec.rawSpec === '' && | ||
this.defaultTag !== 'latest') | ||
this.defaultTag !== 'latest') { | ||
this.spec = npa(`${this.spec.name}@${this.defaultTag}`) | ||
} | ||
this.registry = fetch.pickRegistry(spec, opts) | ||
this.packumentUrl = this.registry.replace(/\/*$/, '/') + | ||
this.packumentUrl = removeTrailingSlashes(this.registry) + '/' + | ||
this.spec.escapedName | ||
@@ -51,9 +52,11 @@ | ||
resolve () { | ||
if (this.resolved) | ||
if (this.resolved) { | ||
return Promise.resolve(this.resolved) | ||
} | ||
// fetching the manifest sets resolved and (usually) integrity | ||
return this.manifest().then(() => { | ||
if (this.resolved) | ||
if (this.resolved) { | ||
return this.resolved | ||
} | ||
@@ -84,4 +87,5 @@ throw Object.assign( | ||
// one request at a time for the same thing regardless. | ||
if (this.packumentCache && this.packumentCache.has(this.packumentUrl)) | ||
if (this.packumentCache && this.packumentCache.has(this.packumentUrl)) { | ||
return this.packumentCache.get(this.packumentUrl) | ||
} | ||
@@ -100,8 +104,10 @@ // npm-registry-fetch the packument | ||
packument._contentLength = +res.headers.get('content-length') | ||
if (this.packumentCache) | ||
if (this.packumentCache) { | ||
this.packumentCache.set(this.packumentUrl, packument) | ||
} | ||
return packument | ||
})).catch(er => { | ||
if (this.packumentCache) | ||
if (this.packumentCache) { | ||
this.packumentCache.delete(this.packumentUrl) | ||
} | ||
if (er.code === 'E404' && !this.fullMetadata) { | ||
@@ -114,4 +120,5 @@ // possible that corgis are not supported by this registry | ||
}) | ||
if (this.packumentCache) | ||
if (this.packumentCache) { | ||
this.packumentCache.set(this.packumentUrl, p) | ||
} | ||
return p | ||
@@ -121,4 +128,5 @@ } | ||
manifest () { | ||
if (this.package) | ||
if (this.package) { | ||
return Promise.resolve(this.package) | ||
} | ||
@@ -138,8 +146,8 @@ return this.packument() | ||
const distIntegrity = dist.integrity ? ssri.parse(dist.integrity) | ||
: dist.shasum ? ssri.fromHex(dist.shasum, 'sha1', {...this.opts}) | ||
: dist.shasum ? ssri.fromHex(dist.shasum, 'sha1', { ...this.opts }) | ||
: null | ||
if (distIntegrity) { | ||
if (!this.integrity) | ||
if (!this.integrity) { | ||
this.integrity = distIntegrity | ||
else if (!this.integrity.match(distIntegrity)) { | ||
} else if (!this.integrity.match(distIntegrity)) { | ||
// only bork if they have algos in common. | ||
@@ -155,3 +163,3 @@ // otherwise we end up breaking if we have saved a sha512 | ||
throw Object.assign(new Error( | ||
`Integrity checksum failed when using ${algo}: `+ | ||
`Integrity checksum failed when using ${algo}: ` + | ||
`wanted ${this.integrity} but got ${distIntegrity}.` | ||
@@ -168,4 +176,5 @@ ), { code: 'EINTEGRITY' }) | ||
} | ||
if (this.integrity) | ||
if (this.integrity) { | ||
mani._integrity = String(this.integrity) | ||
} | ||
this.package = rpj.normalize(mani) | ||
@@ -172,0 +181,0 @@ return this.package |
@@ -6,3 +6,2 @@ const Fetcher = require('./fetcher.js') | ||
const fetch = require('npm-registry-fetch') | ||
const ssri = require('ssri') | ||
const Minipass = require('minipass') | ||
@@ -18,4 +17,5 @@ // The default registry URL is a string of great magic. | ||
this.resolved = this.spec.fetchSpec | ||
if (magic.test(this.resolved) && !magic.test(this.registry + '/')) | ||
if (magic.test(this.resolved) && !magic.test(this.registry + '/')) { | ||
this.resolved = this.resolved.replace(magic, this.registry + '/') | ||
} | ||
@@ -40,3 +40,3 @@ // nam is a fermented pork sausage that is good to eat | ||
integrity: this.integrity, | ||
algorithms: [ this.pickIntegrityAlgorithm() ], | ||
algorithms: [this.pickIntegrityAlgorithm()], | ||
} | ||
@@ -68,3 +68,3 @@ fetch(this.resolved, fetchOpts).then(res => { | ||
...(this.integrity ? { 'pacote-integrity': String(this.integrity) } | ||
: {}), | ||
: {}), | ||
...(this.opts.headers || {}), | ||
@@ -71,0 +71,0 @@ } |
const os = require('os') | ||
const {resolve} = require('path') | ||
const { resolve } = require('path') | ||
@@ -4,0 +4,0 @@ module.exports = (fakePlatform = false) => { |
@@ -15,6 +15,7 @@ // Function to determine whether a path is in the package.bin set. | ||
const bin = binObj(pkg.name, pkg.bin) | ||
const p = path.replace(/^[^\\\/]*\//, '') | ||
for (const [k, v] of Object.entries(bin)) { | ||
if (v === p) | ||
const p = path.replace(/^[^\\/]*\//, '') | ||
for (const kv of Object.entries(bin)) { | ||
if (kv[1] === p) { | ||
return true | ||
} | ||
} | ||
@@ -21,0 +22,0 @@ return false |
// run an npm command | ||
const spawn = require('@npmcli/promise-spawn') | ||
const {dirname} = require('path') | ||
@@ -5,0 +4,0 @@ module.exports = (npmBin, npmCommand, cwd, env, extra) => { |
@@ -12,3 +12,3 @@ const isPackageBin = require('./is-package-bin.js') | ||
// end results after compression | ||
level: 9 | ||
level: 9, | ||
}, | ||
@@ -21,4 +21,5 @@ | ||
filter: (path, stat) => { | ||
if (isPackageBin(manifest, path)) | ||
if (isPackageBin(manifest, path)) { | ||
stat.mode |= 0o111 | ||
} | ||
return true | ||
@@ -25,0 +26,0 @@ }, |
{ | ||
"name": "pacote", | ||
"version": "12.0.3", | ||
"version": "13.0.0", | ||
"description": "JavaScript package downloader", | ||
"author": "Isaac Z. Schlueter <i@izs.me> (https://izs.me)", | ||
"author": "GitHub Inc.", | ||
"bin": { | ||
@@ -16,3 +16,8 @@ "pacote": "lib/bin.js" | ||
"postversion": "npm publish", | ||
"prepublishOnly": "git push origin --follow-tags" | ||
"prepublishOnly": "git push origin --follow-tags", | ||
"lint": "eslint '**/*.js'", | ||
"postlint": "npm-template-check", | ||
"lintfix": "npm run lint -- --fix", | ||
"posttest": "npm run lint", | ||
"template-copy": "npm-template-copy --force" | ||
}, | ||
@@ -24,8 +29,10 @@ "tap": { | ||
"devDependencies": { | ||
"@npmcli/template-oss": "^2.7.1", | ||
"mutate-fs": "^2.1.1", | ||
"npm-registry-mock": "^1.3.1", | ||
"tap": "^15.0.4" | ||
"tap": "^15.1.6" | ||
}, | ||
"files": [ | ||
"lib/**/*.js" | ||
"bin", | ||
"lib" | ||
], | ||
@@ -39,20 +46,22 @@ "keywords": [ | ||
"@npmcli/git": "^2.1.0", | ||
"@npmcli/installed-package-contents": "^1.0.6", | ||
"@npmcli/installed-package-contents": "^1.0.7", | ||
"@npmcli/promise-spawn": "^1.2.0", | ||
"@npmcli/run-script": "^2.0.0", | ||
"cacache": "^15.0.5", | ||
"cacache": "^15.3.0", | ||
"chownr": "^2.0.0", | ||
"fs-minipass": "^2.1.0", | ||
"infer-owner": "^1.0.4", | ||
"minipass": "^3.1.3", | ||
"mkdirp": "^1.0.3", | ||
"npm-package-arg": "^8.0.1", | ||
"minipass": "^3.1.6", | ||
"mkdirp": "^1.0.4", | ||
"npm-package-arg": "^9.0.0", | ||
"npm-packlist": "^3.0.0", | ||
"npm-pick-manifest": "^6.0.0", | ||
"npm-registry-fetch": "^12.0.0", | ||
"npm-pick-manifest": "^7.0.0", | ||
"npm-registry-fetch": "^12.0.2", | ||
"proc-log": "^2.0.0", | ||
"promise-retry": "^2.0.1", | ||
"read-package-json-fast": "^2.0.1", | ||
"read-package-json": "^4.1.1", | ||
"read-package-json-fast": "^2.0.3", | ||
"rimraf": "^3.0.2", | ||
"ssri": "^8.0.1", | ||
"tar": "^6.1.0" | ||
"tar": "^6.1.11" | ||
}, | ||
@@ -62,3 +71,7 @@ "engines": { | ||
}, | ||
"repository": "git@github.com:npm/pacote" | ||
"repository": "git@github.com:npm/pacote", | ||
"templateOSS": { | ||
"version": "2.7.1", | ||
"windowsCI": false | ||
} | ||
} |
@@ -149,6 +149,2 @@ # pacote | ||
`0o777`. See "Extracted File Modes" below. | ||
* `log` A logger object with methods for various log levels. Typically, | ||
this will be [`npmlog`](http://npm.im/npmlog) in the npm CLI use case, | ||
but if not specified, the default is a logger that emits `'log'` events | ||
on the `process` object. | ||
* `preferOnline` Prefer to revalidate cache entries, even when it would not | ||
@@ -166,2 +162,5 @@ be strictly necessary. Default `false`. | ||
version publish time is part of the extended packument metadata. | ||
* `fullReadJson` Use the slower `read-package-json` package insted of | ||
`read-package-json-fast` in order to include extra fields like "readme" in | ||
the manifest. Defaults to `false`. | ||
* `packumentCache` For registry packuments only, you may provide a `Map` | ||
@@ -172,2 +171,4 @@ object which will be used to cache packument requests between pacote | ||
is unlikely to change in the span of a single command. | ||
* `silent` A boolean that determines whether the banner is displayed | ||
when calling `@npmcli/run-script`. | ||
@@ -174,0 +175,0 @@ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
66592
1414
273
21
4
+ Addedproc-log@^2.0.0
+ Addedread-package-json@^4.1.1
+ Addedbuiltins@5.1.0(transitive)
+ Addedfunction-bind@1.1.2(transitive)
+ Addedhasown@2.0.2(transitive)
+ Addedhosted-git-info@5.2.1(transitive)
+ Addedis-core-module@2.15.1(transitive)
+ Addednormalize-package-data@3.0.3(transitive)
+ Addednpm-install-checks@5.0.0(transitive)
+ Addednpm-normalize-package-bin@2.0.0(transitive)
+ Addednpm-package-arg@9.1.2(transitive)
+ Addednpm-pick-manifest@7.0.2(transitive)
+ Addedproc-log@2.0.1(transitive)
+ Addedread-package-json@4.1.2(transitive)
+ Addedspdx-correct@3.2.0(transitive)
+ Addedspdx-exceptions@2.5.0(transitive)
+ Addedspdx-expression-parse@3.0.1(transitive)
+ Addedspdx-license-ids@3.0.20(transitive)
+ Addedvalidate-npm-package-license@3.0.4(transitive)
+ Addedvalidate-npm-package-name@4.0.0(transitive)
Updatedcacache@^15.3.0
Updatedminipass@^3.1.6
Updatedmkdirp@^1.0.4
Updatednpm-package-arg@^9.0.0
Updatednpm-pick-manifest@^7.0.0
Updatednpm-registry-fetch@^12.0.2
Updatedtar@^6.1.11