Comparing version 1.8.1 to 1.8.2
'use strict' | ||
const url = require('url') | ||
const { findPackageInYarnLock, findEntryInPackageLock } = require('../../util/traverse') | ||
const { formatNpmIntegrity, formatYarnIntegrity, parseIntegrity, sha1ToHexChecksum, hexChecksumToSha1 } = require('./integrity') | ||
const { npmRequires } = require('./dependencies') | ||
const url = require('url') | ||
const parse = (input) => new url.URL(input) | ||
const parse = (input) => url.parse ? url.parse(input) : new url.URL(input) // eslint-disable-line | ||
const GITHUB_REGEX = /^\/([^/]+\/[^/]+)\/tar\.gz\/([0-9a-f]+)$/ | ||
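Review bot: If the `url.parse ? url.parse(input) : new url.URL(input)` definition is the new side (the +/- markers are lost on this page, so this is inferred from print order), `parse` prefers Node's legacy parser, which the Node.js documentation describes as lenient and prone to host name spoofing. The bare `// eslint-disable-line` presumably silences the deprecation lint, but it also silences every other rule on that line. The two branches also differ in behaviour: `url.parse` accepts malformed or relative input and returns null fields, while `new url.URL` throws. If the fallback exists to tolerate non-URL `resolved` values, say so in a comment and scope the suppression, e.g. `// eslint-disable-line node/no-deprecated-api -- resolved may be a non-URL spec`.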
@@ -22,9 +23,8 @@ | ||
} | ||
const isTarball = /^https?:\/\//.test(request) | ||
const resolved = yarnResolved.replace(/#.*$/, '') | ||
const hexChecksum = yarnResolved.replace(/^.*#/, '') | ||
const intergityFromUrlHash = Buffer.from(hexChecksum, 'hex').toString('base64') | ||
const integrity = (intergityFromUrlHash ? 'sha1-' + intergityFromUrlHash : integrityField) || undefined | ||
const integrity = formatNpmIntegrity(hexChecksumToSha1(hexChecksum), integrityField) | ||
const isTarball = /^https?:\/\//.test(request) | ||
if (isTarball) { | ||
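Review bot: `hexChecksum` is the whole `yarnResolved` string whenever the URL carries no `#` fragment, because `replace(/^.*#/, '')` leaves its input untouched when nothing matches, and that value is now passed straight to `hexChecksumToSha1`. The helper lives in `./integrity` and is not shown on this page, so whether it rejects non-hex input cannot be confirmed here. The removed line appears to have tolerated this case only because hex-decoding a non-hex string yields an empty value. A guard at the call site would make the fallback to `integrityField` explicit, for example `const hexChecksum = /#[0-9a-f]{40}$/i.test(yarnResolved) ? yarnResolved.replace(/^.*#/, '') : ''`, assuming the helper treats an empty string as "no sha1". The enclosing function starts and ends outside the hunk.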
@@ -53,6 +53,4 @@ return { | ||
if (integrity) { | ||
const hexChecksum = /^sha1-/.test(integrity) | ||
? Buffer.from(integrity.replace(/^sha1-/, ''), 'base64').toString('hex') | ||
: Buffer.from(integrity.replace(/^sha512-/, ''), 'base64').toString('hex') | ||
// see caveats in README | ||
const hexChecksum = sha1ToHexChecksum(integrity) | ||
// see caveats in README | ||
result = `${result}#${hexChecksum}` | ||
@@ -93,4 +91,4 @@ } | ||
} = entryInNpmFile | ||
const yarnStyleResolved = npmToYarnResolved(resolved || version, integrity) | ||
const integrityChunks = parseIntegrity(integrity) | ||
const yarnStyleResolved = npmToYarnResolved(resolved || version, integrityChunks.sha1) | ||
const existingPackage = tree[name] || {} | ||
@@ -104,6 +102,7 @@ const existingPackageVersion = tree[name] && tree[name][version] | ||
Object.keys(optionalDependencies).length > 0 | ||
return Object.assign({}, existingPackage, { | ||
[version]: Object.assign({}, existingPackageVersion, { | ||
resolved: yarnStyleResolved, | ||
integrity | ||
integrity: formatYarnIntegrity(integrityChunks.sha512 || integrityChunks.sha1) | ||
}, | ||
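Review bot: Only the `sha512` and `sha1` chunks of the parsed integrity reach the yarn entry, so an npm entry whose integrity uses another SRI algorithm (sha256 or sha384) would call `formatYarnIntegrity(undefined)` and may end up with no integrity value at all. `parseIntegrity` and `formatYarnIntegrity` are defined in `./integrity`, outside this page, so this is inferred from the call site. The integrity field is what the package manager checks the downloaded tarball against, so dropping it silently weakens the converted lockfile. Either pass through the strongest chunk of any algorithm, or document the limit next to the call: `// only sha512/sha1 are translated; other SRI algorithms are dropped (see README caveats)`. The object literal continues outside the hunk.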
@@ -110,0 +109,0 @@ hasDeps ? { dependencies } : {}, |
@@ -21,3 +21,3 @@ 'use strict' | ||
dependencies | ||
}) | ||
}, null, 2) | ||
}, | ||
@@ -24,0 +24,0 @@ convertNpmV1ToYarn (packageLockFileString, packageDir) { |
@@ -48,3 +48,5 @@ 'use strict' | ||
dependencies: deps, | ||
dev: entry.dev | ||
dev: entry.dev, | ||
engines: pkgJson.engines, | ||
bin: pkgJson.bin | ||
} | ||
@@ -72,3 +74,11 @@ } | ||
// append root package | ||
'': pick(packageJson, 'name', 'version', 'license', 'workspaces', 'dependencies', 'devDependencies', 'optionalDependencies'), | ||
'': pick(packageJson, | ||
'name', | ||
'version', | ||
'license', | ||
'workspaces', | ||
'dependencies', | ||
'devDependencies', | ||
'optionalDependencies' | ||
), | ||
...flattenDeps(dependencies) | ||
@@ -75,0 +85,0 @@ }) |
@@ -0,1 +1,3 @@ | ||
'use strict' | ||
const glob = require('bash-glob') | ||
@@ -2,0 +4,0 @@ const { sep, resolve } = require('path') |
{ | ||
"name": "synp", | ||
"version": "1.8.1", | ||
"version": "1.8.2", | ||
"description": "Convert yarn.lock to package-lock.json and vice versa", | ||
@@ -34,3 +34,3 @@ "keywords": [ | ||
"colors": "^1.4.0", | ||
"commander": "^6.0.0", | ||
"commander": "^6.1.0", | ||
"eol": "^0.9.1", | ||
@@ -43,5 +43,10 @@ "lodash": "4.17.20", | ||
"devDependencies": { | ||
"@semantic-release/changelog": "^5.0.1", | ||
"@semantic-release/git": "^9.0.0", | ||
"@semantic-release/github": "^7.0.7", | ||
"@semantic-release/npm": "^7.0.5", | ||
"coveralls": "^3.1.0", | ||
"nyc": "15.1.0", | ||
"sinon": "^4.5.0", | ||
"semantic-release": "^17.1.1", | ||
"sinon": "^9.0.3", | ||
"standard": "^14.3.4", | ||
@@ -48,0 +53,0 @@ "tape": "^5.0.1" |
@@ -11,3 +11,3 @@ 'use strict' | ||
t.plan(4) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -53,3 +53,3 @@ const packagePath = '/foo/bar/baz' | ||
t.plan(4) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -95,3 +95,3 @@ const packagePath = '/foo/bar/baz' | ||
t.plan(5) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -127,3 +127,3 @@ const packagePath = '/foo/bar/baz' | ||
t.plan(5) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -159,3 +159,3 @@ const packagePath = '/foo/bar/baz' | ||
t.plan(5) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -192,3 +192,3 @@ const packagePath = '/foo/bar/baz' | ||
t.plan(5) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -217,3 +217,3 @@ const packagePath = '/foo/bar/baz' | ||
t.plan(5) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -242,3 +242,3 @@ const packagePath = '/foo/bar/baz' | ||
t.plan(4) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -277,3 +277,3 @@ const packagePath = '/foo/bar/baz' | ||
t.plan(4) | ||
const sandbox = sinon.sandbox.create() | ||
const sandbox = sinon.createSandbox() | ||
try { | ||
@@ -280,0 +280,0 @@ const packagePath = '/foo/bar/baz' |
@@ -345,3 +345,41 @@ 'use strict' | ||
const path = `${__dirname}/fixtures/integrity-is-absent` | ||
const yarnLock = fs.readFileSync(`${path}/.yarn-lock-snapshot`, 'utf-8') | ||
const yarnLockSnap = fs.readFileSync(`${path}/.yarn-lock-snapshot`, 'utf-8') | ||
const yarnLock = npmToYarn(path) | ||
t.deepEquals( | ||
lockfile.parse(yarnLock), | ||
lockfile.parse(yarnLockSnap), | ||
'result is equal to yarn.lock snapshot' | ||
) | ||
} catch (e) { | ||
t.fail(e.stack) | ||
t.end() | ||
} | ||
}) | ||
test('translate yarn.lock to package-lock.json and vice versa when integrity contains several hashes', async t => { | ||
try { | ||
t.plan(2) | ||
const path = `${__dirname}/fixtures/integrity-mix` | ||
const packageLockSnap = fs.readFileSync(`${path}/.package-lock-snapshot.json`, 'utf-8') | ||
const yarnLockSnap = fs.readFileSync(`${path}/.yarn-lock-snapshot`, 'utf-8') | ||
fs.writeFileSync(`${path}/yarn.lock`, yarnLockSnap) | ||
const pkgLock = yarnToNpm(path) | ||
t.deepEquals( | ||
JSON.parse(pkgLock), | ||
JSON.parse(packageLockSnap), | ||
'result is equal to package-lock.json snapshot' | ||
) | ||
fs.writeFileSync(`${path}/package-lock.json`, packageLockSnap) | ||
const yarnLock = npmToYarn(path) | ||
t.deepEquals( | ||
lockfile.parse(yarnLock), | ||
lockfile.parse(yarnLockSnap), | ||
'result is equal to yarn.lock snapshot' | ||
) | ||
/* const yarnLock = fs.readFileSync(`${path}/.yarn-lock-snapshot`, 'utf-8') | ||
const res = npmToYarn(path) | ||
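Review bot: The new "several hashes" test writes `yarn.lock` and `package-lock.json` into the checked-in `fixtures/integrity-mix` directory and, as far as the hunk shows, never removes them, so a run leaves generated lockfiles in the tree and later runs read whatever an earlier one wrote. Removing them in a `finally` block (`fs.unlinkSync(path + '/yarn.lock')`) or writing into a temporary directory would keep the fixture stable. The hunk also leaves the previous assertions inside a `/* … */` block that closes in the next hunk (`) */`); delete that block rather than keeping it commented out. The test body continues outside the hunk.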
@@ -353,3 +391,3 @@ | ||
'result is equal to yarn.lock snapshot' | ||
) | ||
) */ | ||
} catch (e) { | ||
@@ -468,2 +506,3 @@ t.fail(e.stack) | ||
const packageLock = yarnToNpm(path, withWorkspace) | ||
t.deepEquals( | ||
@@ -477,2 +516,3 @@ JSON.parse(packageLock), | ||
const yarnLock = npmToYarn(path, withWorkspace) | ||
t.deepEquals( | ||
@@ -479,0 +519,0 @@ lockfile.parse(yarnLock), |
Sorry, the diff of this file is not supported yet
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain risk: A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Updated commander@^6.1.0