Comparing version 2.7.18 to 2.7.19
@@ -5,2 +5,12 @@ # Change Log | ||
<a name="2.7.19"></a> | ||
## [2.7.19](https://github.com/zkat/pacote/compare/v2.7.18...v2.7.19) (2017-05-25) | ||
### Bug Fixes | ||
* **registry:** respect alwaysAuth ([150788a](https://github.com/zkat/pacote/commit/150788a)) | ||
<a name="2.7.18"></a> | ||
@@ -7,0 +17,0 @@ ## [2.7.18](https://github.com/zkat/pacote/compare/v2.7.17...v2.7.18) (2017-05-25) |
@@ -82,10 +82,13 @@ 'use strict' | ||
opts.auth && | ||
// If these two are on different hosts, don't send credentials. | ||
// This is mainly used by the tarball fetcher. | ||
url.parse(uri).host === url.parse(registry).host && | ||
opts.auth[registryKey(registry)] | ||
) | ||
if (auth && auth.token) { | ||
// If a tarball is hosted on a different place than the manifest, only send | ||
// credentials on `alwaysAuth` | ||
const shouldAuth = auth && ( | ||
auth.alwaysAuth || | ||
url.parse(uri).host === url.parse(registry).host | ||
) | ||
if (shouldAuth && auth.token) { | ||
headers.authorization = `Bearer ${auth.token}` | ||
} else if (auth && opts.alwaysAuth && auth.username && auth.password) { | ||
} else if (shouldAuth && auth.username && auth.password) { | ||
const encoded = Buffer.from( | ||
@@ -92,0 +95,0 @@ `${auth.username}:${auth.password}`, 'utf8' |
{ | ||
"name": "pacote", | ||
"version": "2.7.18", | ||
"version": "2.7.19", | ||
"description": "JavaScript package downloader", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
77703
1532