Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: calculate _hasShrinkwrap on server-side if not present #450

Merged
merged 5 commits into from
May 4, 2023
Merged

fix: calculate _hasShrinkwrap on server-side if not present #450

merged 5 commits into from
May 4, 2023

Conversation

feichao93
Copy link
Contributor

@feichao93 feichao93 commented Apr 28, 2023
edited
Loading

cnpmcore/app/core/service/PackageManagerService.ts

Line 195 in ae191f3

_hasShrinkwrap: cmd.packageJson._hasShrinkwrap,

当一个包从 npmjs.com 同步而来时,cmd.packageJson._hasShrinkwrap 会带上正确的值;
当直接向 cnpmcore 发布新版本时,该字段为空,此时该字段需要在服务端重新计算。

如下图,npm 9.6.2(更早版本应该也是同样的行为)本地发布的时候,请求中是不会带 _hasShrinkwrap 字段的:

image

@socket-security
Copy link

socket-security bot commented Apr 28, 2023
edited
Loading

New dependency changes detected. Learn more about Socket for GitHub ↗︎

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Pull request alert summary
Issue Status
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues

📊 Modified Dependency Overview:

➕ Added Package Capability Access +/- Transitive Count Publisher
tar@6.1.14 filesystem, environment +5 isaacs
@types/tar@6.1.4 None +1 types

MondoGao
MondoGao reviewed Apr 28, 2023
View reviewed changes
app/common/PackageUtil.ts Outdated Show resolved Hide resolved
@fengmk2 fengmk2 added the bug Something isn't working label Apr 30, 2023
fengmk2
fengmk2 reviewed May 4, 2023
View reviewed changes
app/common/PackageUtil.ts Outdated Show resolved Hide resolved
fengmk2
fengmk2 reviewed May 4, 2023
View reviewed changes
package.json Outdated Show resolved Hide resolved
fengmk2
fengmk2 approved these changes May 4, 2023
View reviewed changes
Copy link
Member

@fengmk2 fengmk2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@codecov
Copy link

codecov bot commented May 4, 2023
edited
Loading

Codecov Report

Merging #450 (daf530d) into master (f891aed) will decrease coverage by 0.17%.
The diff coverage is 98.03%.

@@            Coverage Diff             @@
##           master     #450      +/-   ##
==========================================
- Coverage   97.44%   97.27%   -0.17%     
==========================================
  Files         159      159              
  Lines       14652    14702      +50     
  Branches     1875     1883       +8     
==========================================
+ Hits        14277    14302      +25     
- Misses        375      400      +25
Impacted Files Coverage Δ
app/common/PackageUtil.ts 98.98% <97.50%> (-1.02%) ⬇️
app/core/service/PackageManagerService.ts 98.92% <100.00%> (+0.01%) ⬆️

... and 3 files with indirect coverage changes

@fengmk2 fengmk2 merged commit db59bd6 into cnpm:master May 4, 2023
fengmk2 pushed a commit that referenced this pull request May 4, 2023
@semantic-release-bot
Release 3.17.1
c1fc1a5 
[skip ci]

## [3.17.1](v3.17.0...v3.17.1) (2023-05-04)

### Bug Fixes

* calculate _hasShrinkwrap on server-side if not present ([#450](#450)) ([db59bd6](db59bd6))
@github-actions
Copy link

github-actions bot commented May 4, 2023

🎉 This PR is included in version 3.17.1 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MondoGao MondoGao MondoGao left review comments

@fengmk2 fengmk2 fengmk2 approved these changes

Assignees
No one assigned
Labels
bug Something isn't working released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@feichao93 @fengmk2 @MondoGao