pacote
Advanced tools
Comparing version 15.1.3 to 15.2.0
@@ -64,3 +64,4 @@ // This is the base class that the other fetcher types in lib | ||
this.cache = opts.cache || cacheDir() | ||
this.cache = opts.cache || cacheDir().cacache | ||
this.tufCache = opts.tufCache || cacheDir().tufcache | ||
this.resolved = opts.resolved || null | ||
@@ -67,0 +68,0 @@ |
@@ -298,3 +298,6 @@ const Fetcher = require('./fetcher.js') | ||
// specify a public key from the keys endpoint: `registry-host.tld/-/npm/v1/keys` | ||
const options = { keySelector: publicKey ? () => publicKey.pemkey : undefined } | ||
const options = { | ||
tufCachePath: this.tufCache, | ||
keySelector: publicKey ? () => publicKey.pemkey : undefined, | ||
} | ||
await sigstore.verify(bundle, null, options) | ||
@@ -301,0 +304,0 @@ } catch (e) { |
@@ -11,3 +11,6 @@ const os = require('os') | ||
const cacheRoot = (platform === 'win32' && process.env.LOCALAPPDATA) || home | ||
return resolve(cacheRoot, cacheExtra, '_cacache') | ||
return { | ||
cacache: resolve(cacheRoot, cacheExtra, '_cacache'), | ||
tufcache: resolve(cacheRoot, cacheExtra, '_tuf'), | ||
} | ||
} |
{ | ||
"name": "pacote", | ||
"version": "15.1.3", | ||
"version": "15.2.0", | ||
"description": "JavaScript package downloader", | ||
@@ -5,0 +5,0 @@ "author": "GitHub Inc.", |
@@ -178,2 +178,5 @@ # pacote | ||
config that is scoped to the registry the manifest is being fetched from. | ||
* `tufCache` Where to store metadata/target files when retrieving the package | ||
attestation key material via TUF. Defaults to the same cache directory that | ||
npm will use by default, based on platform and environment. | ||
@@ -180,0 +183,0 @@ ### Advanced API |
73986
1565
286