Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Only allow plugin update functionality when installed from npm #2356

Merged
merged 2 commits into from
Oct 11, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
### Fixes

- [#2355: Prevent management pages using "plugin" GOV.UK Frontend views](https://github.com/alphagov/govuk-prototype-kit/pull/2355)
- [#2356: Only allow plugin update functionality when installed from npm](https://github.com/alphagov/govuk-prototype-kit/pull/2356)
- [#2358: Suppress Sass warnings for `$legacy` deprecated colour palette](https://github.com/alphagov/govuk-prototype-kit/pull/2358)

## 13.13.4
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -80,18 +80,23 @@ describe('Management plugins: ', () => {

loadPluginsPage()

cy.get('#plugins-updates-available-message').should('not.exist')

cy.visit(`${managePluginsPagePath}/install?package=${encodeURIComponent(plugin)}&version=${version1}`)

cy.get('#plugin-action-button').click()

performPluginAction('install', plugin, pluginName)

cy.get('#plugins-updates-available-message').contains('1 UPDATE AVAILABLE')

// ------------------------

log(`Update the ${plugin}@${version1} plugin to ${plugin}@${version2}`)
installPlugin(plugin, version1)

loadInstalledPluginsPage()

log(`Update the ${plugin} plugin`)

cy.get(`[data-plugin-package-name="${plugin}"]`)
Expand All @@ -101,6 +106,8 @@ describe('Management plugins: ', () => {
.click()

performPluginAction('update', plugin, pluginName)

cy.get('#plugins-updates-available-message').should('not.exist')
})

it(`Create a page using a template from the ${plugin} plugin`, () => {
Expand Down
5 changes: 3 additions & 2 deletions lib/manage-prototype-handlers.js
Original file line number Diff line number Diff line change
Expand Up @@ -412,6 +412,7 @@ function buildPluginData (pluginData) {
packageName,
installed,
installedLocally,
updateAvailable,
latestVersion,
installedVersion,
required,
Expand All @@ -427,7 +428,7 @@ function buildPluginData (pluginData) {
installedLocally,
installLink: `${contextPath}/plugins/install?package=${encodeURIComponent(packageName)}`,
installCommand: `npm install ${packageName}`,
updateLink: installed && !installedLocally && latestVersion !== installedVersion ? `${contextPath}/plugins/update?package=${encodeURIComponent(packageName)}` : undefined,
updateLink: updateAvailable ? `${contextPath}/plugins/update?package=${encodeURIComponent(packageName)}` : undefined,
updateCommand: latestVersion && `npm install ${packageName}@${latestVersion}`,
uninstallLink: installed && !required ? `${contextPath}/plugins/uninstall?package=${encodeURIComponent(packageName)}${installedLocally ? `&version=${encodeURIComponent(localVersion)}` : ''}` : undefined,
uninstallCommand: `npm uninstall ${packageName}`,
Expand All @@ -450,7 +451,7 @@ async function prepareForPluginPage (isInstalledPage, search) {
status: isInstalledPage ? 'installed' : 'search',
plugins: plugins.map(buildPluginData),
found: plugins.length,
updates: installedPlugins.filter(plugin => plugin.installedVersion !== plugin.latestVersion).length
updates: installedPlugins.filter(plugin => plugin.updateAvailable).length
}
}

Expand Down
1 change: 1 addition & 0 deletions lib/nunjucks/views/manage-prototype/plugins.njk
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@
{% endif %}
{% if updatesMessage %}
{{ govukTag({
attributes: {id: "plugins-updates-available-message"},
text: updatesMessage
}) }}
{% endif %}
Expand Down
4 changes: 4 additions & 0 deletions lib/plugins/packages.js
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@ async function refreshPackageInfo (packageName, version) {
const installedPackageVersion = packageJson && projectPackage.dependencies[packageName]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@BenSurgisonGDS Might be a good idea to use .packages[packageName]

The legacy dependencies[packageName] entry is dropped in newer npm versions and only exists for compatibility in older projects created before "lockfileVersion": 3 was the default

You can use the CLI to switch lockfile version:

npm install --lockfile-version 2
npm install --lockfile-version 3

Which will show the legacy dependencies no longer exists in v3:

 {
   "name": "test-prototype",
   "lockfileVersion": 3,
   "packages": {
     "../../../../../../../path/to/govuk-prototype-kit": {
       "version": "13.13.4",
       "dependencies": {}
     }
-  },
-  "dependencies": {
-    "govuk-prototype-kit": {
-      "version": "file:../../../../../../../Users/colin/Sites/GDS/govuk-prototype-kit",
-      "requires": {}
-    }
+  }
 }

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would be great to do this in a future ticket

const installed = !!installedPackageVersion
const installedLocally = installedPackageVersion?.startsWith('file:')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For another PR, but this will be "link": true in the new lockfile format too

const installedFromGithub = installedPackageVersion?.startsWith('github:')
const installedVersion = installed ? packageJson?.version : undefined

let localVersion
Expand Down Expand Up @@ -118,6 +119,8 @@ async function refreshPackageInfo (packageName, version) {
localVersion = path.resolve(installedPackageVersion.replace('file:', ''))
}

const updateAvailable = installed && !installedLocally && !installedFromGithub && installedVersion !== latestVersion

const pluginDependencies = pluginConfig?.pluginDependencies ? normaliseDependencies(pluginConfig.pluginDependencies) : undefined

const packageInfo = {
Expand All @@ -133,6 +136,7 @@ async function refreshPackageInfo (packageName, version) {
pluginConfig,
pluginDependencies,
localVersion,
updateAvailable,
installedPackageVersion
}

Expand Down
4 changes: 4 additions & 0 deletions lib/plugins/packages.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,7 @@ describe('packages', () => {
installedPackageVersion: '1.0.0',
installedVersion: '1.0.0',
latestVersion: '1.0.1',
updateAvailable: true,
required: false,
packageJson: {
local: true,
Expand Down Expand Up @@ -211,6 +212,7 @@ describe('packages', () => {
installed: false,
latestVersion: '1.0.0',
required: false,
updateAvailable: false,
packageJson: {
version: '1.0.0'
},
Expand All @@ -232,6 +234,7 @@ describe('packages', () => {
installed: false,
latestVersion: '2.0.0',
required: false,
updateAvailable: false,
packageJson: {
version: '2.0.0'
},
Expand Down Expand Up @@ -266,6 +269,7 @@ describe('packages', () => {
available: false,
installed: false,
localVersion: version,
updateAvailable: false,
packageJson: {
local: true,
version: '1.0.0'
Expand Down