From ba32831126591d2f6f48e31a4a2329b533b1ff19 Mon Sep 17 00:00:00 2001 From: isaacs Date: Tue, 16 Jul 2019 15:22:28 -0700 Subject: [PATCH] npm-registry-fetch@4.0.0 --- .../make-fetch-happen/CHANGELOG.md | 0 .../node_modules/make-fetch-happen/LICENSE | 0 .../node_modules/make-fetch-happen/README.md | 0 .../node_modules/make-fetch-happen/agent.js | 0 .../node_modules/make-fetch-happen/cache.js | 0 .../node_modules/make-fetch-happen/index.js | 0 .../make-fetch-happen/package.json | 6 +- .../node_modules/make-fetch-happen/warning.js | 0 .../npm-registry-fetch/CHANGELOG.md | 214 ++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 98 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 193 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + .../make-fetch-happen/CHANGELOG.md | 555 +++++++++++++++ .../node_modules/make-fetch-happen/LICENSE | 16 + .../node_modules/make-fetch-happen/README.md | 404 +++++++++++ .../node_modules/make-fetch-happen/agent.js | 171 +++++ .../node_modules/make-fetch-happen/cache.js | 249 +++++++ .../node_modules/make-fetch-happen/index.js | 482 +++++++++++++ .../make-fetch-happen/package.json | 94 +++ .../node_modules/make-fetch-happen/warning.js | 24 + .../npm-registry-fetch/CHANGELOG.md | 214 ++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 98 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 193 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + .../make-fetch-happen/CHANGELOG.md | 555 +++++++++++++++ .../node_modules/make-fetch-happen/LICENSE | 16 + .../node_modules/make-fetch-happen/README.md | 404 +++++++++++ .../node_modules/make-fetch-happen/agent.js | 171 +++++ .../node_modules/make-fetch-happen/cache.js | 249 +++++++ .../node_modules/make-fetch-happen/index.js | 482 +++++++++++++ .../make-fetch-happen/package.json | 94 +++ .../node_modules/make-fetch-happen/warning.js | 24 + .../npm-registry-fetch/CHANGELOG.md | 214 ++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 98 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 193 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + .../make-fetch-happen/CHANGELOG.md | 555 +++++++++++++++ .../node_modules/make-fetch-happen/LICENSE | 16 + .../node_modules/make-fetch-happen/README.md | 404 +++++++++++ .../node_modules/make-fetch-happen/agent.js | 171 +++++ .../node_modules/make-fetch-happen/cache.js | 249 +++++++ .../node_modules/make-fetch-happen/index.js | 482 +++++++++++++ .../make-fetch-happen/package.json | 94 +++ .../node_modules/make-fetch-happen/warning.js | 24 + .../npm-registry-fetch/CHANGELOG.md | 214 ++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 98 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 193 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + .../make-fetch-happen/CHANGELOG.md | 555 +++++++++++++++ .../node_modules/make-fetch-happen/LICENSE | 16 + .../node_modules/make-fetch-happen/README.md | 404 +++++++++++ .../node_modules/make-fetch-happen/agent.js | 171 +++++ .../node_modules/make-fetch-happen/cache.js | 249 +++++++ .../node_modules/make-fetch-happen/index.js | 482 +++++++++++++ .../make-fetch-happen/package.json | 94 +++ .../node_modules/make-fetch-happen/warning.js | 24 + .../npm-registry-fetch/CHANGELOG.md | 214 ++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 98 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 193 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + .../make-fetch-happen/CHANGELOG.md | 555 +++++++++++++++ .../node_modules/make-fetch-happen/LICENSE | 16 + .../node_modules/make-fetch-happen/README.md | 404 +++++++++++ .../node_modules/make-fetch-happen/agent.js | 171 +++++ .../node_modules/make-fetch-happen/cache.js | 249 +++++++ .../node_modules/make-fetch-happen/index.js | 482 +++++++++++++ .../make-fetch-happen/package.json | 94 +++ .../node_modules/make-fetch-happen/warning.js | 24 + .../npm-registry-fetch/CHANGELOG.md | 214 ++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 98 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 193 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + .../make-fetch-happen/CHANGELOG.md | 555 +++++++++++++++ .../node_modules/make-fetch-happen/LICENSE | 16 + .../node_modules/make-fetch-happen/README.md | 404 +++++++++++ .../node_modules/make-fetch-happen/agent.js | 171 +++++ .../node_modules/make-fetch-happen/cache.js | 249 +++++++ .../node_modules/make-fetch-happen/index.js | 482 +++++++++++++ .../make-fetch-happen/package.json | 94 +++ .../node_modules/make-fetch-happen/warning.js | 24 + .../npm-registry-fetch/CHANGELOG.md | 214 ++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 98 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 193 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + node_modules/make-fetch-happen/CHANGELOG.md | 16 + node_modules/make-fetch-happen/cache.js | 4 - .../node_modules/cacache/CHANGELOG.md | 637 +++++++++++++++++ .../node_modules/cacache/LICENSE.md | 16 + .../node_modules/cacache/README.es.md | 628 +++++++++++++++++ .../node_modules/cacache/README.md | 641 ++++++++++++++++++ .../node_modules/cacache/en.js | 3 + .../node_modules/cacache/es.js | 3 + .../node_modules/cacache/get.js | 247 +++++++ .../node_modules/cacache/index.js | 3 + .../node_modules/cacache/lib/content/path.js | 26 + .../node_modules/cacache/lib/content/read.js | 195 ++++++ .../node_modules/cacache/lib/content/rm.js | 21 + .../node_modules/cacache/lib/content/write.js | 164 +++++ .../node_modules/cacache/lib/entry-index.js | 288 ++++++++ .../node_modules/cacache/lib/memoization.js | 69 ++ .../cacache/lib/util/fix-owner.js | 122 ++++ .../cacache/lib/util/hash-to-segments.js | 11 + .../cacache/lib/util/infer-owner.js | 80 +++ .../cacache/lib/util/move-file.js | 51 ++ .../node_modules/cacache/lib/util/tmp.js | 37 + .../node_modules/cacache/lib/util/y.js | 25 + .../node_modules/cacache/lib/verify.js | 227 +++++++ .../node_modules/cacache/locales/en.js | 47 ++ .../node_modules/cacache/locales/en.json | 7 + .../node_modules/cacache/locales/es.js | 49 ++ .../node_modules/cacache/locales/es.json | 6 + .../node_modules/cacache/ls.js | 6 + .../node_modules/cacache/package.json | 125 ++++ .../node_modules/cacache/put.js | 86 +++ .../node_modules/cacache/rm.js | 28 + .../node_modules/cacache/verify.js | 3 + node_modules/make-fetch-happen/package.json | 42 +- .../make-fetch-happen/CHANGELOG.md | 555 +++++++++++++++ .../node_modules/make-fetch-happen/LICENSE | 16 + .../node_modules/make-fetch-happen/README.md | 404 +++++++++++ .../node_modules/make-fetch-happen/agent.js | 171 +++++ .../node_modules/make-fetch-happen/cache.js | 249 +++++++ .../node_modules/make-fetch-happen/index.js | 482 +++++++++++++ .../make-fetch-happen/package.json | 94 +++ .../node_modules/make-fetch-happen/warning.js | 24 + .../npm-registry-fetch/CHANGELOG.md | 214 ++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 98 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 193 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + node_modules/npm-registry-fetch/CHANGELOG.md | 14 + node_modules/npm-registry-fetch/config.js | 2 - node_modules/npm-registry-fetch/index.js | 4 +- node_modules/npm-registry-fetch/package.json | 49 +- .../pacote/node_modules/cacache/CHANGELOG.md | 637 +++++++++++++++++ .../pacote/node_modules/cacache/LICENSE.md | 16 + .../pacote/node_modules/cacache/README.es.md | 628 +++++++++++++++++ .../pacote/node_modules/cacache/README.md | 641 ++++++++++++++++++ .../pacote/node_modules/cacache/en.js | 3 + .../pacote/node_modules/cacache/es.js | 3 + .../pacote/node_modules/cacache/get.js | 247 +++++++ .../pacote/node_modules/cacache/index.js | 3 + .../node_modules/cacache/lib/content/path.js | 26 + .../node_modules/cacache/lib/content/read.js | 195 ++++++ .../node_modules/cacache/lib/content/rm.js | 21 + .../node_modules/cacache/lib/content/write.js | 164 +++++ .../node_modules/cacache/lib/entry-index.js | 288 ++++++++ .../node_modules/cacache/lib/memoization.js | 69 ++ .../cacache/lib/util/fix-owner.js | 122 ++++ .../cacache/lib/util/hash-to-segments.js | 11 + .../cacache/lib/util/infer-owner.js | 80 +++ .../cacache/lib/util/move-file.js | 51 ++ .../node_modules/cacache/lib/util/tmp.js | 37 + .../pacote/node_modules/cacache/lib/util/y.js | 25 + .../pacote/node_modules/cacache/lib/verify.js | 227 +++++++ .../pacote/node_modules/cacache/locales/en.js | 47 ++ .../node_modules/cacache/locales/en.json | 7 + .../pacote/node_modules/cacache/locales/es.js | 49 ++ .../node_modules/cacache/locales/es.json | 6 + .../pacote/node_modules/cacache/ls.js | 6 + .../pacote/node_modules/cacache/package.json | 125 ++++ .../pacote/node_modules/cacache/put.js | 86 +++ .../pacote/node_modules/cacache/rm.js | 28 + .../pacote/node_modules/cacache/verify.js | 3 + .../npm-registry-fetch/CHANGELOG.md | 228 +++++++ .../npm-registry-fetch/LICENSE.md | 16 + .../node_modules/npm-registry-fetch/README.md | 609 +++++++++++++++++ .../node_modules/npm-registry-fetch/auth.js | 57 ++ .../npm-registry-fetch/check-response.js | 109 +++ .../node_modules/npm-registry-fetch/config.js | 96 +++ .../node_modules/npm-registry-fetch/errors.js | 79 +++ .../node_modules/npm-registry-fetch/index.js | 191 ++++++ .../npm-registry-fetch/package.json | 92 +++ .../npm-registry-fetch/silentlog.js | 14 + node_modules/pacote/package.json | 20 +- package-lock.json | 286 +++++++- package.json | 2 +- 224 files changed, 35365 insertions(+), 86 deletions(-) rename node_modules/{npm-registry-fetch => libnpm}/node_modules/make-fetch-happen/CHANGELOG.md (100%) rename node_modules/{npm-registry-fetch => libnpm}/node_modules/make-fetch-happen/LICENSE (100%) rename node_modules/{npm-registry-fetch => libnpm}/node_modules/make-fetch-happen/README.md (100%) rename node_modules/{npm-registry-fetch => libnpm}/node_modules/make-fetch-happen/agent.js (100%) rename node_modules/{npm-registry-fetch => libnpm}/node_modules/make-fetch-happen/cache.js (100%) rename node_modules/{npm-registry-fetch => libnpm}/node_modules/make-fetch-happen/index.js (100%) rename node_modules/{npm-registry-fetch => libnpm}/node_modules/make-fetch-happen/package.json (94%) rename node_modules/{npm-registry-fetch => libnpm}/node_modules/make-fetch-happen/warning.js (100%) create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/libnpm/node_modules/npm-registry-fetch/silentlog.js create mode 100644 node_modules/libnpmaccess/node_modules/make-fetch-happen/CHANGELOG.md create mode 100644 node_modules/libnpmaccess/node_modules/make-fetch-happen/LICENSE create mode 100644 node_modules/libnpmaccess/node_modules/make-fetch-happen/README.md create mode 100644 node_modules/libnpmaccess/node_modules/make-fetch-happen/agent.js create mode 100644 node_modules/libnpmaccess/node_modules/make-fetch-happen/cache.js create mode 100644 node_modules/libnpmaccess/node_modules/make-fetch-happen/index.js create mode 100644 node_modules/libnpmaccess/node_modules/make-fetch-happen/package.json create mode 100644 node_modules/libnpmaccess/node_modules/make-fetch-happen/warning.js create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/libnpmaccess/node_modules/npm-registry-fetch/silentlog.js create mode 100644 node_modules/libnpmhook/node_modules/make-fetch-happen/CHANGELOG.md create mode 100644 node_modules/libnpmhook/node_modules/make-fetch-happen/LICENSE create mode 100644 node_modules/libnpmhook/node_modules/make-fetch-happen/README.md create mode 100644 node_modules/libnpmhook/node_modules/make-fetch-happen/agent.js create mode 100644 node_modules/libnpmhook/node_modules/make-fetch-happen/cache.js create mode 100644 node_modules/libnpmhook/node_modules/make-fetch-happen/index.js create mode 100644 node_modules/libnpmhook/node_modules/make-fetch-happen/package.json create mode 100644 node_modules/libnpmhook/node_modules/make-fetch-happen/warning.js create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/libnpmhook/node_modules/npm-registry-fetch/silentlog.js create mode 100644 node_modules/libnpmorg/node_modules/make-fetch-happen/CHANGELOG.md create mode 100644 node_modules/libnpmorg/node_modules/make-fetch-happen/LICENSE create mode 100644 node_modules/libnpmorg/node_modules/make-fetch-happen/README.md create mode 100644 node_modules/libnpmorg/node_modules/make-fetch-happen/agent.js create mode 100644 node_modules/libnpmorg/node_modules/make-fetch-happen/cache.js create mode 100644 node_modules/libnpmorg/node_modules/make-fetch-happen/index.js create mode 100644 node_modules/libnpmorg/node_modules/make-fetch-happen/package.json create mode 100644 node_modules/libnpmorg/node_modules/make-fetch-happen/warning.js create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/libnpmorg/node_modules/npm-registry-fetch/silentlog.js create mode 100644 node_modules/libnpmpublish/node_modules/make-fetch-happen/CHANGELOG.md create mode 100644 node_modules/libnpmpublish/node_modules/make-fetch-happen/LICENSE create mode 100644 node_modules/libnpmpublish/node_modules/make-fetch-happen/README.md create mode 100644 node_modules/libnpmpublish/node_modules/make-fetch-happen/agent.js create mode 100644 node_modules/libnpmpublish/node_modules/make-fetch-happen/cache.js create mode 100644 node_modules/libnpmpublish/node_modules/make-fetch-happen/index.js create mode 100644 node_modules/libnpmpublish/node_modules/make-fetch-happen/package.json create mode 100644 node_modules/libnpmpublish/node_modules/make-fetch-happen/warning.js create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/libnpmpublish/node_modules/npm-registry-fetch/silentlog.js create mode 100644 node_modules/libnpmsearch/node_modules/make-fetch-happen/CHANGELOG.md create mode 100644 node_modules/libnpmsearch/node_modules/make-fetch-happen/LICENSE create mode 100644 node_modules/libnpmsearch/node_modules/make-fetch-happen/README.md create mode 100644 node_modules/libnpmsearch/node_modules/make-fetch-happen/agent.js create mode 100644 node_modules/libnpmsearch/node_modules/make-fetch-happen/cache.js create mode 100644 node_modules/libnpmsearch/node_modules/make-fetch-happen/index.js create mode 100644 node_modules/libnpmsearch/node_modules/make-fetch-happen/package.json create mode 100644 node_modules/libnpmsearch/node_modules/make-fetch-happen/warning.js create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/libnpmsearch/node_modules/npm-registry-fetch/silentlog.js create mode 100644 node_modules/libnpmteam/node_modules/make-fetch-happen/CHANGELOG.md create mode 100644 node_modules/libnpmteam/node_modules/make-fetch-happen/LICENSE create mode 100644 node_modules/libnpmteam/node_modules/make-fetch-happen/README.md create mode 100644 node_modules/libnpmteam/node_modules/make-fetch-happen/agent.js create mode 100644 node_modules/libnpmteam/node_modules/make-fetch-happen/cache.js create mode 100644 node_modules/libnpmteam/node_modules/make-fetch-happen/index.js create mode 100644 node_modules/libnpmteam/node_modules/make-fetch-happen/package.json create mode 100644 node_modules/libnpmteam/node_modules/make-fetch-happen/warning.js create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/libnpmteam/node_modules/npm-registry-fetch/silentlog.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/CHANGELOG.md create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/LICENSE.md create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/README.es.md create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/README.md create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/en.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/es.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/get.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/index.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/content/path.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/content/read.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/content/rm.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/content/write.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/entry-index.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/memoization.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/util/fix-owner.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/util/hash-to-segments.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/util/infer-owner.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/util/move-file.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/util/tmp.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/util/y.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/lib/verify.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/locales/en.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/locales/en.json create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/locales/es.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/locales/es.json create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/ls.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/package.json create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/put.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/rm.js create mode 100644 node_modules/make-fetch-happen/node_modules/cacache/verify.js create mode 100644 node_modules/npm-profile/node_modules/make-fetch-happen/CHANGELOG.md create mode 100644 node_modules/npm-profile/node_modules/make-fetch-happen/LICENSE create mode 100644 node_modules/npm-profile/node_modules/make-fetch-happen/README.md create mode 100644 node_modules/npm-profile/node_modules/make-fetch-happen/agent.js create mode 100644 node_modules/npm-profile/node_modules/make-fetch-happen/cache.js create mode 100644 node_modules/npm-profile/node_modules/make-fetch-happen/index.js create mode 100644 node_modules/npm-profile/node_modules/make-fetch-happen/package.json create mode 100644 node_modules/npm-profile/node_modules/make-fetch-happen/warning.js create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js create mode 100644 node_modules/pacote/node_modules/cacache/CHANGELOG.md create mode 100644 node_modules/pacote/node_modules/cacache/LICENSE.md create mode 100644 node_modules/pacote/node_modules/cacache/README.es.md create mode 100644 node_modules/pacote/node_modules/cacache/README.md create mode 100644 node_modules/pacote/node_modules/cacache/en.js create mode 100644 node_modules/pacote/node_modules/cacache/es.js create mode 100644 node_modules/pacote/node_modules/cacache/get.js create mode 100644 node_modules/pacote/node_modules/cacache/index.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/content/path.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/content/read.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/content/rm.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/content/write.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/entry-index.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/memoization.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/util/fix-owner.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/util/hash-to-segments.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/util/infer-owner.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/util/move-file.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/util/tmp.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/util/y.js create mode 100644 node_modules/pacote/node_modules/cacache/lib/verify.js create mode 100644 node_modules/pacote/node_modules/cacache/locales/en.js create mode 100644 node_modules/pacote/node_modules/cacache/locales/en.json create mode 100644 node_modules/pacote/node_modules/cacache/locales/es.js create mode 100644 node_modules/pacote/node_modules/cacache/locales/es.json create mode 100644 node_modules/pacote/node_modules/cacache/ls.js create mode 100644 node_modules/pacote/node_modules/cacache/package.json create mode 100644 node_modules/pacote/node_modules/cacache/put.js create mode 100644 node_modules/pacote/node_modules/cacache/rm.js create mode 100644 node_modules/pacote/node_modules/cacache/verify.js create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/CHANGELOG.md create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/LICENSE.md create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/README.md create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/auth.js create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/check-response.js create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/config.js create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/errors.js create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/index.js create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/package.json create mode 100644 node_modules/pacote/node_modules/npm-registry-fetch/silentlog.js diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/libnpm/node_modules/make-fetch-happen/CHANGELOG.md similarity index 100% rename from node_modules/npm-registry-fetch/node_modules/make-fetch-happen/CHANGELOG.md rename to node_modules/libnpm/node_modules/make-fetch-happen/CHANGELOG.md diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/LICENSE b/node_modules/libnpm/node_modules/make-fetch-happen/LICENSE similarity index 100% rename from node_modules/npm-registry-fetch/node_modules/make-fetch-happen/LICENSE rename to node_modules/libnpm/node_modules/make-fetch-happen/LICENSE diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/README.md b/node_modules/libnpm/node_modules/make-fetch-happen/README.md similarity index 100% rename from node_modules/npm-registry-fetch/node_modules/make-fetch-happen/README.md rename to node_modules/libnpm/node_modules/make-fetch-happen/README.md diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/agent.js b/node_modules/libnpm/node_modules/make-fetch-happen/agent.js similarity index 100% rename from node_modules/npm-registry-fetch/node_modules/make-fetch-happen/agent.js rename to node_modules/libnpm/node_modules/make-fetch-happen/agent.js diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/cache.js b/node_modules/libnpm/node_modules/make-fetch-happen/cache.js similarity index 100% rename from node_modules/npm-registry-fetch/node_modules/make-fetch-happen/cache.js rename to node_modules/libnpm/node_modules/make-fetch-happen/cache.js diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/index.js b/node_modules/libnpm/node_modules/make-fetch-happen/index.js similarity index 100% rename from node_modules/npm-registry-fetch/node_modules/make-fetch-happen/index.js rename to node_modules/libnpm/node_modules/make-fetch-happen/index.js diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/package.json b/node_modules/libnpm/node_modules/make-fetch-happen/package.json similarity index 94% rename from node_modules/npm-registry-fetch/node_modules/make-fetch-happen/package.json rename to node_modules/libnpm/node_modules/make-fetch-happen/package.json index 0f5adaa3476c9..e01e060f231e2 100644 --- a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/package.json +++ b/node_modules/libnpm/node_modules/make-fetch-happen/package.json @@ -3,7 +3,7 @@ "_id": "make-fetch-happen@4.0.2", "_inBundle": false, "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", - "_location": "/npm-registry-fetch/make-fetch-happen", + "_location": "/libnpm/make-fetch-happen", "_phantomChildren": {}, "_requested": { "type": "range", @@ -16,12 +16,12 @@ "fetchSpec": "^4.0.2" }, "_requiredBy": [ - "/npm-registry-fetch" + "/libnpm/npm-registry-fetch" ], "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", "_spec": "make-fetch-happen@^4.0.2", - "_where": "/Users/isaacs/dev/npm/cli/node_modules/npm-registry-fetch", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpm/node_modules/npm-registry-fetch", "author": { "name": "Kat Marchán", "email": "kzm@zkat.tech" diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/warning.js b/node_modules/libnpm/node_modules/make-fetch-happen/warning.js similarity index 100% rename from node_modules/npm-registry-fetch/node_modules/make-fetch-happen/warning.js rename to node_modules/libnpm/node_modules/make-fetch-happen/warning.js diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpm/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..d24e026914c23 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,214 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpm/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/README.md b/node_modules/libnpm/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpm/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpm/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/config.js b/node_modules/libnpm/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..7fe5dacc94362 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,98 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gid': {}, + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'uid': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpm/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/index.js b/node_modules/libnpm/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..4ba3c19243471 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,193 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout, + uid: opts.uid, + gid: opts.gid + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/package.json b/node_modules/libnpm/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..98978b3d76bb0 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^3.8.0", + "_id": "npm-registry-fetch@3.9.1", + "_inBundle": false, + "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_location": "/libnpm/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^3.8.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^3.8.0", + "saveSpec": null, + "fetchSpec": "^3.8.0" + }, + "_requiredBy": [ + "/libnpm" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", + "_spec": "npm-registry-fetch@^3.8.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpm", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^11.3.3", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.9.1" +} diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpm/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmaccess/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/libnpmaccess/node_modules/make-fetch-happen/CHANGELOG.md new file mode 100644 index 0000000000000..a446842f55d80 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/make-fetch-happen/CHANGELOG.md @@ -0,0 +1,555 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [4.0.2](https://github.com/zkat/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) + + + + +## [4.0.1](https://github.com/zkat/make-fetch-happen/compare/v4.0.0...v4.0.1) (2018-04-12) + + +### Bug Fixes + +* **integrity:** use new sri.match() for verification ([4f371a0](https://github.com/zkat/make-fetch-happen/commit/4f371a0)) + + + + +# [4.0.0](https://github.com/zkat/make-fetch-happen/compare/v3.0.0...v4.0.0) (2018-04-09) + + +### meta + +* drop node@4, add node@9 ([7b0191a](https://github.com/zkat/make-fetch-happen/commit/7b0191a)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +# [3.0.0](https://github.com/zkat/make-fetch-happen/compare/v2.6.0...v3.0.0) (2018-03-12) + + +### Bug Fixes + +* **license:** switch to ISC ([#49](https://github.com/zkat/make-fetch-happen/issues/49)) ([bf90c6d](https://github.com/zkat/make-fetch-happen/commit/bf90c6d)) +* **standard:** standard@11 update ([ff0aa70](https://github.com/zkat/make-fetch-happen/commit/ff0aa70)) + + +### BREAKING CHANGES + +* **license:** license changed from CC0 to ISC. + + + + +# [2.6.0](https://github.com/zkat/make-fetch-happen/compare/v2.5.0...v2.6.0) (2017-11-14) + + +### Bug Fixes + +* **integrity:** disable node-fetch compress when checking integrity (#42) ([a7cc74c](https://github.com/zkat/make-fetch-happen/commit/a7cc74c)) + + +### Features + +* **onretry:** Add `options.onRetry` (#48) ([f90ccff](https://github.com/zkat/make-fetch-happen/commit/f90ccff)) + + + + +# [2.5.0](https://github.com/zkat/make-fetch-happen/compare/v2.4.13...v2.5.0) (2017-08-24) + + +### Bug Fixes + +* **agent:** support timeout durations greater than 30 seconds ([04875ae](https://github.com/zkat/make-fetch-happen/commit/04875ae)), closes [#35](https://github.com/zkat/make-fetch-happen/issues/35) + + +### Features + +* **cache:** export cache deletion functionality (#40) ([3da4250](https://github.com/zkat/make-fetch-happen/commit/3da4250)) + + + + +## [2.4.13](https://github.com/zkat/make-fetch-happen/compare/v2.4.12...v2.4.13) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump other deps for bugfixes ([eab8297](https://github.com/zkat/make-fetch-happen/commit/eab8297)) +* **proxy:** bump proxy deps with bugfixes (#32) ([632f860](https://github.com/zkat/make-fetch-happen/commit/632f860)), closes [#32](https://github.com/zkat/make-fetch-happen/issues/32) + + + + +## [2.4.12](https://github.com/zkat/make-fetch-happen/compare/v2.4.11...v2.4.12) (2017-06-06) + + +### Bug Fixes + +* **cache:** encode x-local-cache-etc headers to be header-safe ([dc9fb1b](https://github.com/zkat/make-fetch-happen/commit/dc9fb1b)) + + + + +## [2.4.11](https://github.com/zkat/make-fetch-happen/compare/v2.4.10...v2.4.11) (2017-06-05) + + +### Bug Fixes + +* **deps:** bump deps with ssri fix ([bef1994](https://github.com/zkat/make-fetch-happen/commit/bef1994)) + + + + +## [2.4.10](https://github.com/zkat/make-fetch-happen/compare/v2.4.9...v2.4.10) (2017-05-31) + + +### Bug Fixes + +* **deps:** bump dep versions with bugfixes ([0af4003](https://github.com/zkat/make-fetch-happen/commit/0af4003)) +* **proxy:** use auth parameter for proxy authentication (#30) ([c687306](https://github.com/zkat/make-fetch-happen/commit/c687306)) + + + + +## [2.4.9](https://github.com/zkat/make-fetch-happen/compare/v2.4.8...v2.4.9) (2017-05-25) + + +### Bug Fixes + +* **cache:** use the passed-in promise for resolving cache stuff ([4c46257](https://github.com/zkat/make-fetch-happen/commit/4c46257)) + + + + +## [2.4.8](https://github.com/zkat/make-fetch-happen/compare/v2.4.7...v2.4.8) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid/Promise through to cache ([a847c92](https://github.com/zkat/make-fetch-happen/commit/a847c92)) + + + + +## [2.4.7](https://github.com/zkat/make-fetch-happen/compare/v2.4.6...v2.4.7) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([fc2a587](https://github.com/zkat/make-fetch-happen/commit/fc2a587)) + + + + +## [2.4.6](https://github.com/zkat/make-fetch-happen/compare/v2.4.5...v2.4.6) (2017-05-24) + + +### Bug Fixes + +* **proxy:** choose agent for http(s)-proxy by protocol of destUrl ([ea4832a](https://github.com/zkat/make-fetch-happen/commit/ea4832a)) +* **proxy:** make socks proxy working ([1de810a](https://github.com/zkat/make-fetch-happen/commit/1de810a)) +* **proxy:** revert previous proxy solution ([563b0d8](https://github.com/zkat/make-fetch-happen/commit/563b0d8)) + + + + +## [2.4.5](https://github.com/zkat/make-fetch-happen/compare/v2.4.4...v2.4.5) (2017-05-24) + + +### Bug Fixes + +* **proxy:** use the destination url when determining agent ([1a714e7](https://github.com/zkat/make-fetch-happen/commit/1a714e7)) + + + + +## [2.4.4](https://github.com/zkat/make-fetch-happen/compare/v2.4.3...v2.4.4) (2017-05-23) + + +### Bug Fixes + +* **redirect:** handle redirects explicitly (#27) ([4c4af54](https://github.com/zkat/make-fetch-happen/commit/4c4af54)) + + + + +## [2.4.3](https://github.com/zkat/make-fetch-happen/compare/v2.4.2...v2.4.3) (2017-05-06) + + +### Bug Fixes + +* **redirect:** redirects now delete authorization if hosts fail to match ([c071805](https://github.com/zkat/make-fetch-happen/commit/c071805)) + + + + +## [2.4.2](https://github.com/zkat/make-fetch-happen/compare/v2.4.1...v2.4.2) (2017-05-04) + + +### Bug Fixes + +* **cache:** reduce race condition window by checking for content ([24544b1](https://github.com/zkat/make-fetch-happen/commit/24544b1)) +* **match:** Rewrite the conditional stream logic (#25) ([66bba4b](https://github.com/zkat/make-fetch-happen/commit/66bba4b)) + + + + +## [2.4.1](https://github.com/zkat/make-fetch-happen/compare/v2.4.0...v2.4.1) (2017-04-28) + + +### Bug Fixes + +* **memoization:** missed spots + allow passthrough of memo objs ([ac0cd12](https://github.com/zkat/make-fetch-happen/commit/ac0cd12)) + + + + +# [2.4.0](https://github.com/zkat/make-fetch-happen/compare/v2.3.0...v2.4.0) (2017-04-28) + + +### Bug Fixes + +* **memoize:** cacache had a broken memoizer ([8a9ed4c](https://github.com/zkat/make-fetch-happen/commit/8a9ed4c)) + + +### Features + +* **memoization:** only slurp stuff into memory if opts.memoize is not false ([0744adc](https://github.com/zkat/make-fetch-happen/commit/0744adc)) + + + + +# [2.3.0](https://github.com/zkat/make-fetch-happen/compare/v2.2.6...v2.3.0) (2017-04-27) + + +### Features + +* **agent:** added opts.strictSSL and opts.localAddress ([c35015a](https://github.com/zkat/make-fetch-happen/commit/c35015a)) +* **proxy:** Added opts.noProxy and NO_PROXY support ([f45c915](https://github.com/zkat/make-fetch-happen/commit/f45c915)) + + + + +## [2.2.6](https://github.com/zkat/make-fetch-happen/compare/v2.2.5...v2.2.6) (2017-04-26) + + +### Bug Fixes + +* **agent:** check uppercase & lowercase proxy env (#24) ([acf2326](https://github.com/zkat/make-fetch-happen/commit/acf2326)), closes [#22](https://github.com/zkat/make-fetch-happen/issues/22) +* **deps:** switch to node-fetch-npm and stop bundling ([3db603b](https://github.com/zkat/make-fetch-happen/commit/3db603b)) + + + + +## [2.2.5](https://github.com/zkat/make-fetch-happen/compare/v2.2.4...v2.2.5) (2017-04-23) + + +### Bug Fixes + +* **deps:** bump cacache and use its size feature ([926c1d3](https://github.com/zkat/make-fetch-happen/commit/926c1d3)) + + + + +## [2.2.4](https://github.com/zkat/make-fetch-happen/compare/v2.2.3...v2.2.4) (2017-04-18) + + +### Bug Fixes + +* **integrity:** hash verification issues fixed ([07f9402](https://github.com/zkat/make-fetch-happen/commit/07f9402)) + + + + +## [2.2.3](https://github.com/zkat/make-fetch-happen/compare/v2.2.2...v2.2.3) (2017-04-18) + + +### Bug Fixes + +* **staleness:** responses older than 8h were never stale :< ([b54dd75](https://github.com/zkat/make-fetch-happen/commit/b54dd75)) +* **warning:** remove spurious warning, make format more spec-compliant ([2e4f6bb](https://github.com/zkat/make-fetch-happen/commit/2e4f6bb)) + + + + +## [2.2.2](https://github.com/zkat/make-fetch-happen/compare/v2.2.1...v2.2.2) (2017-04-12) + + +### Bug Fixes + +* **retry:** stop retrying 404s ([6fafd53](https://github.com/zkat/make-fetch-happen/commit/6fafd53)) + + + + +## [2.2.1](https://github.com/zkat/make-fetch-happen/compare/v2.2.0...v2.2.1) (2017-04-10) + + +### Bug Fixes + +* **deps:** move test-only deps to devDeps ([2daaf80](https://github.com/zkat/make-fetch-happen/commit/2daaf80)) + + + + +# [2.2.0](https://github.com/zkat/make-fetch-happen/compare/v2.1.0...v2.2.0) (2017-04-09) + + +### Bug Fixes + +* **cache:** treat caches as private ([57b7dc2](https://github.com/zkat/make-fetch-happen/commit/57b7dc2)) + + +### Features + +* **retry:** accept shorthand retry settings ([dfed69d](https://github.com/zkat/make-fetch-happen/commit/dfed69d)) + + + + +# [2.1.0](https://github.com/zkat/make-fetch-happen/compare/v2.0.4...v2.1.0) (2017-04-09) + + +### Features + +* **cache:** cache now obeys Age and a variety of other things (#13) ([7b9652d](https://github.com/zkat/make-fetch-happen/commit/7b9652d)) + + + + +## [2.0.4](https://github.com/zkat/make-fetch-happen/compare/v2.0.3...v2.0.4) (2017-04-09) + + +### Bug Fixes + +* **agent:** accept Request as fetch input, not just strings ([b71669a](https://github.com/zkat/make-fetch-happen/commit/b71669a)) + + + + +## [2.0.3](https://github.com/zkat/make-fetch-happen/compare/v2.0.2...v2.0.3) (2017-04-09) + + +### Bug Fixes + +* **deps:** seriously ([c29e7e7](https://github.com/zkat/make-fetch-happen/commit/c29e7e7)) + + + + +## [2.0.2](https://github.com/zkat/make-fetch-happen/compare/v2.0.1...v2.0.2) (2017-04-09) + + +### Bug Fixes + +* **deps:** use bundleDeps instead ([c36ebf0](https://github.com/zkat/make-fetch-happen/commit/c36ebf0)) + + + + +## [2.0.1](https://github.com/zkat/make-fetch-happen/compare/v2.0.0...v2.0.1) (2017-04-09) + + +### Bug Fixes + +* **deps:** make sure node-fetch tarball included in release ([3bf49d1](https://github.com/zkat/make-fetch-happen/commit/3bf49d1)) + + + + +# [2.0.0](https://github.com/zkat/make-fetch-happen/compare/v1.7.0...v2.0.0) (2017-04-09) + + +### Bug Fixes + +* **deps:** manually pull in newer node-fetch to avoid babel prod dep ([66e5e87](https://github.com/zkat/make-fetch-happen/commit/66e5e87)) +* **retry:** be more specific about when we retry ([a47b782](https://github.com/zkat/make-fetch-happen/commit/a47b782)) + + +### Features + +* **agent:** add ca/cert/key support to auto-agent (#15) ([57585a7](https://github.com/zkat/make-fetch-happen/commit/57585a7)) + + +### BREAKING CHANGES + +* **agent:** pac proxies are no longer supported. +* **retry:** Retry logic has changes. + +* 404s, 420s, and 429s all retry now. +* ENOTFOUND no longer retries. +* Only ECONNRESET, ECONNREFUSED, EADDRINUSE, ETIMEDOUT, and `request-timeout` errors are retried. + + + + +# [1.7.0](https://github.com/zkat/make-fetch-happen/compare/v1.6.0...v1.7.0) (2017-04-08) + + +### Features + +* **cache:** add useful headers to inform users about cached data ([9bd7b00](https://github.com/zkat/make-fetch-happen/commit/9bd7b00)) + + + + +# [1.6.0](https://github.com/zkat/make-fetch-happen/compare/v1.5.1...v1.6.0) (2017-04-06) + + +### Features + +* **agent:** better, keepalive-supporting, default http agents ([16277f6](https://github.com/zkat/make-fetch-happen/commit/16277f6)) + + + + +## [1.5.1](https://github.com/zkat/make-fetch-happen/compare/v1.5.0...v1.5.1) (2017-04-05) + + +### Bug Fixes + +* **cache:** bump cacache for its fixed error messages ([2f2b916](https://github.com/zkat/make-fetch-happen/commit/2f2b916)) +* **cache:** fix handling of errors in cache reads ([5729222](https://github.com/zkat/make-fetch-happen/commit/5729222)) + + + + +# [1.5.0](https://github.com/zkat/make-fetch-happen/compare/v1.4.0...v1.5.0) (2017-04-04) + + +### Features + +* **retry:** retry requests on 408 timeouts, too ([8d8b5bd](https://github.com/zkat/make-fetch-happen/commit/8d8b5bd)) + + + + +# [1.4.0](https://github.com/zkat/make-fetch-happen/compare/v1.3.1...v1.4.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** stop relying on BB.catch ([2b04494](https://github.com/zkat/make-fetch-happen/commit/2b04494)) + + +### Features + +* **retry:** report retry attempt number as extra header ([fd50927](https://github.com/zkat/make-fetch-happen/commit/fd50927)) + + + + +## [1.3.1](https://github.com/zkat/make-fetch-happen/compare/v1.3.0...v1.3.1) (2017-04-04) + + +### Bug Fixes + +* **cache:** pretend cache entry is missing on ENOENT ([9c2bb26](https://github.com/zkat/make-fetch-happen/commit/9c2bb26)) + + + + +# [1.3.0](https://github.com/zkat/make-fetch-happen/compare/v1.2.1...v1.3.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** if metadata is missing for some odd reason, ignore the entry ([a021a6b](https://github.com/zkat/make-fetch-happen/commit/a021a6b)) + + +### Features + +* **cache:** add special headers when request was loaded straight from cache ([8a7dbd1](https://github.com/zkat/make-fetch-happen/commit/8a7dbd1)) +* **cache:** allow configuring algorithms to be calculated on insertion ([bf4a0f2](https://github.com/zkat/make-fetch-happen/commit/bf4a0f2)) + + + + +## [1.2.1](https://github.com/zkat/make-fetch-happen/compare/v1.2.0...v1.2.1) (2017-04-03) + + +### Bug Fixes + +* **integrity:** update cacache and ssri and change EBADCHECKSUM -> EINTEGRITY ([b6cf6f6](https://github.com/zkat/make-fetch-happen/commit/b6cf6f6)) + + + + +# [1.2.0](https://github.com/zkat/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) + + +### Features + +* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/zkat/make-fetch-happen/commit/a590159)) + + + + +# [1.1.0](https://github.com/zkat/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) + + +### Features + +* **opts:** fetch.defaults() for default options ([522a65e](https://github.com/zkat/make-fetch-happen/commit/522a65e)) + + + + +## [1.0.1](https://github.com/zkat/make-fetch-happen/compare/v1.0.0...v1.0.1) (2017-04-01) + + + + +# 1.0.0 (2017-04-01) + + +### Bug Fixes + +* **cache:** default on cache-control header ([b872a2c](https://github.com/zkat/make-fetch-happen/commit/b872a2c)) +* standard stuff and cache matching ([753f2c2](https://github.com/zkat/make-fetch-happen/commit/753f2c2)) +* **agent:** nudge around things with opts.agent ([ed62b57](https://github.com/zkat/make-fetch-happen/commit/ed62b57)) +* **agent:** {agent: false} has special behavior ([b8cc923](https://github.com/zkat/make-fetch-happen/commit/b8cc923)) +* **cache:** invalidation on non-GET ([fe78fac](https://github.com/zkat/make-fetch-happen/commit/fe78fac)) +* **cache:** make force-cache and only-if-cached work as expected ([f50e9df](https://github.com/zkat/make-fetch-happen/commit/f50e9df)) +* **cache:** more spec compliance ([d5a56db](https://github.com/zkat/make-fetch-happen/commit/d5a56db)) +* **cache:** only cache 200 gets ([0abb25a](https://github.com/zkat/make-fetch-happen/commit/0abb25a)) +* **cache:** only load cache code if cache opt is a string ([250fcd5](https://github.com/zkat/make-fetch-happen/commit/250fcd5)) +* **cache:** oops ([e3fa15a](https://github.com/zkat/make-fetch-happen/commit/e3fa15a)) +* **cache:** refactored warning removal into main file ([5b0a9f9](https://github.com/zkat/make-fetch-happen/commit/5b0a9f9)) +* **cache:** req constructor no longer needed in Cache ([5b74cbc](https://github.com/zkat/make-fetch-happen/commit/5b74cbc)) +* **cache:** standard fetch api calls cacheMode "cache" ([6fba805](https://github.com/zkat/make-fetch-happen/commit/6fba805)) +* **cache:** was using wrong method for non-GET/HEAD cache invalidation ([810763a](https://github.com/zkat/make-fetch-happen/commit/810763a)) +* **caching:** a bunch of cache-related fixes ([8ebda1d](https://github.com/zkat/make-fetch-happen/commit/8ebda1d)) +* **deps:** `cacache[@6](https://github.com/6).3.0` - race condition fixes ([9528442](https://github.com/zkat/make-fetch-happen/commit/9528442)) +* **freshness:** fix regex for cacheControl matching ([070db86](https://github.com/zkat/make-fetch-happen/commit/070db86)) +* **freshness:** fixed default freshness heuristic value ([5d29e88](https://github.com/zkat/make-fetch-happen/commit/5d29e88)) +* **logging:** remove console.log calls ([a1d0a47](https://github.com/zkat/make-fetch-happen/commit/a1d0a47)) +* **method:** node-fetch guarantees uppercase ([a1d68d6](https://github.com/zkat/make-fetch-happen/commit/a1d68d6)) +* **opts:** simplified opts handling ([516fd6e](https://github.com/zkat/make-fetch-happen/commit/516fd6e)) +* **proxy:** pass proxy option directly to ProxyAgent ([3398460](https://github.com/zkat/make-fetch-happen/commit/3398460)) +* **retry:** false -> {retries: 0} ([297fbb6](https://github.com/zkat/make-fetch-happen/commit/297fbb6)) +* **retry:** only retry put if body is not a stream ([a24e599](https://github.com/zkat/make-fetch-happen/commit/a24e599)) +* **retry:** skip retries if body is a stream for ANY method ([780c0f8](https://github.com/zkat/make-fetch-happen/commit/780c0f8)) + + +### Features + +* **api:** initial implementation -- can make and cache requests ([7d55b49](https://github.com/zkat/make-fetch-happen/commit/7d55b49)) +* **fetch:** injectable cache, and retry support ([87b84bf](https://github.com/zkat/make-fetch-happen/commit/87b84bf)) + + +### BREAKING CHANGES + +* **cache:** opts.cache -> opts.cacheManager; opts.cacheMode -> opts.cache +* **fetch:** opts.cache accepts a Cache-like obj or a path. Requests are now retried. +* **api:** actual api implemented diff --git a/node_modules/libnpmaccess/node_modules/make-fetch-happen/LICENSE b/node_modules/libnpmaccess/node_modules/make-fetch-happen/LICENSE new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/make-fetch-happen/LICENSE @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmaccess/node_modules/make-fetch-happen/README.md b/node_modules/libnpmaccess/node_modules/make-fetch-happen/README.md new file mode 100644 index 0000000000000..4d12d8dae7e31 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/make-fetch-happen/README.md @@ -0,0 +1,404 @@ +# make-fetch-happen [![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/zkat/make-fetch-happen.svg)](https://travis-ci.org/zkat/make-fetch-happen) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/make-fetch-happen?svg=true)](https://ci.appveyor.com/project/zkat/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/zkat/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/zkat/make-fetch-happen?branch=latest) + + +[`make-fetch-happen`](https://github.com/zkat/make-fetch-happen) is a Node.js +library that wraps [`node-fetch-npm`](https://github.com/npm/node-fetch-npm) with additional +features [`node-fetch`](https://github.com/bitinn/node-fetch) doesn't intend to include, including HTTP Cache support, request +pooling, proxies, retries, [and more](#features)! + +## Install + +`$ npm install --save make-fetch-happen` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.defaults`](#fetch-defaults) + * [`node-fetch` options](#node-fetch-options) + * [`make-fetch-happen` options](#extra-options) + * [`opts.cacheManager`](#opts-cache-manager) + * [`opts.cache`](#opts-cache) + * [`opts.proxy`](#opts-proxy) + * [`opts.noProxy`](#opts-no-proxy) + * [`opts.ca, opts.cert, opts.key`](#https-opts) + * [`opts.maxSockets`](#opts-max-sockets) + * [`opts.retry`](#opts-retry) + * [`opts.onRetry`](#opts-onretry) + * [`opts.integrity`](#opts-integrity) +* [Message From Our Sponsors](#wow) + +### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' // path where cache will be written (and read) +}) + +fetch('https://registry.npmjs.org/make-fetch-happen').then(res => { + return res.json() // download the body as JSON +}).then(body => { + console.log(`got ${body.name} from web`) + return fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'no-cache' // forces a conditional request + }) +}).then(res => { + console.log(res.status) // 304! cache validated! + return res.json().then(body => { + console.log(`got ${body.name} from cache`) + }) +}) +``` + +### Features + +* Builds around [`node-fetch`](https://npm.im/node-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation +* Request pooling out of the box +* Quite fast, really +* Automatic HTTP-semantics-aware request retries +* Cache-fallback automatic "offline mode" +* Proxy support (http, https, socks, socks4, socks5) +* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc). +* Customize cache storage with any [Cache API](https://developer.mozilla.org/en-US/docs/Web/API/Cache)-compliant `Cache` instance. Cache to Redis! +* Node.js Stream support +* Transparent gzip and deflate support +* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support +* Literally punches nazis +* (PENDING) Range request caching and resuming + +### Contributing + +The make-fetch-happen team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(uriOrRequest, [opts]) -> Promise` + +This function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response. + +If `opts` is provided, the [`node-fetch`-specific options](#node-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more. + +##### Example + +```javascript +fetch('https://google.com').then(res => res.buffer()) +``` + +#### `> fetch.defaults([defaultUrl], [defaultOpts])` + +Returns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls. + +A defaulted `fetch` will also have a `.defaults()` method, so they can be chained. + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-local-cache' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache +``` + +#### `> node-fetch options` + +The following options for `node-fetch` are used as-is: + +* method +* body +* redirect +* follow +* timeout +* compress +* size + +These other options are modified or augmented by make-fetch-happen: + +* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`. +* agent + * If agent is null, an http or https Agent will be automatically used. By default, these will be `http.globalAgent` and `https.globalAgent`. + * If [`opts.proxy`](#opts-proxy) is provided and `opts.agent` is null, the agent will be set to an appropriate proxy-handling agent. + * If `opts.agent` is an object, it will be used as the request-pooling agent argument for this request. + * If `opts.agent` is `false`, it will be passed as-is to the underlying request library. This causes a new Agent to be spawned for every request. + +For more details, see [the documentation for `node-fetch` itself](https://github.com/bitinn/node-fetch#options). + +#### `> make-fetch-happen options` + +make-fetch-happen augments the `node-fetch` API with additional features available through extra options. The following extra options are available: + +* [`opts.cacheManager`](#opts-cache-manager) - Cache target to read/write +* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*. +* [`opts.proxy`](#opts-proxy) - Proxy agent +* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for. +* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts) +* [`opts.localAddress`](#opts-local-address) +* [`opts.maxSockets`](#opts-max-sockets) +* [`opts.retry`](#opts-retry) - Request retry settings +* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted +* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. + +#### `> opts.cacheManager` + +Either a `String` or a `Cache`. If the former, it will be assumed to be a `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache). + +If an object is provided, it will be assumed to be a compliant [`Cache` instance](https://developer.mozilla.org/en-US/docs/Web/API/Cache). Only `Cache.match()`, `Cache.put()`, and `Cache.delete()` are required. Options objects will not be passed in to `match()` or `delete()`. + +By implementing this API, you can customize the storage backend for make-fetch-happen itself -- for example, you could implement a cache that uses `redis` for caching, or simply keeps everything in memory. Most of the caching logic exists entirely on the make-fetch-happen side, so the only thing you need to worry about is reading, writing, and deleting, as well as making sure `fetch.Response` objects are what gets returned. + +You can refer to `cache.js` in the make-fetch-happen source code for a reference implementation. + +**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written. + +The default cache manager also adds the following headers to cached responses: + +* `X-Local-Cache`: Path to the cache the content was found in +* `X-Local-Cache-Key`: Unique cache entry key for this response +* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry +* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry + +Using [`cacache`](https://npm.im/cacache), a call like this may be used to +manually fetch the cached entry: + +```javascript +const h = response.headers +cacache.get(h.get('x-local-cache'), h.get('x-local-cache-key')) + +// grab content only, directly: +cacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash')) +``` + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + cacheManager: './my-local-cache' +}) // -> 200-level response will be written to disk + +fetch('https://npm.im/cacache', { + cacheManager: new MyCustomRedisCache(process.env.PORT) +}) // -> 200-level response will be written to redis +``` + +A possible (minimal) implementation for `MyCustomRedisCache`: + +```javascript +const bluebird = require('bluebird') +const redis = require("redis") +bluebird.promisifyAll(redis.RedisClient.prototype) +class MyCustomRedisCache { + constructor (opts) { + this.redis = redis.createClient(opts) + } + match (req) { + return this.redis.getAsync(req.url).then(res => { + if (res) { + const parsed = JSON.parse(res) + return new fetch.Response(parsed.body, { + url: req.url, + headers: parsed.headers, + status: 200 + }) + } + }) + } + put (req, res) { + return res.buffer().then(body => { + return this.redis.setAsync(req.url, JSON.stringify({ + body: body, + headers: res.headers.raw() + })) + }).then(() => { + // return the response itself + return res + }) + } + 'delete' (req) { + return this.redis.unlinkAsync(req.url) + } +} +``` + +#### `> opts.cache` + +This option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cacheManager`](#opts-cache-manager) is null. The following values are accepted (as strings): + +* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned. +* `no-store` - Fetch behaves as if there is no HTTP cache at all. +* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response. +* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response. +* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response. +* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is "same-origin". Any cached redirects will be followed assuming request’s redirect mode is "follow" and the redirects do not violate request’s mode.) + +(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch) + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' +}) + +// Will error with ENOTCACHED if we haven't already cached this url +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'only-if-cached' +}) + +// Will refresh any local content and cache the new response +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'reload' +}) + +// Will use any local data, even if stale. Otherwise, will hit network. +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'force-cache' +}) +``` + +#### `> opts.proxy` + +A string or `url.parse`-d URI to proxy through. Different Proxy handlers will be +used depending on the proxy's protocol. + +Additionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and +`process.env.PROXY` are used if present and no `opts.proxy` value is provided. + +(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: 'https://corporate.yourcompany.proxy:4445' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: { + protocol: 'https:', + hostname: 'corporate.yourcompany.proxy', + port: 4445 + } +}) +``` + +#### `> opts.noProxy` + +If present, should be a comma-separated string or an array of domain extensions +that a proxy should _not_ be used for. + +This option may also be provided through `process.env.NO_PROXY`. + +#### `> opts.ca, opts.cert, opts.key, opts.strictSSL` + +These values are passed in directly to the HTTPS agent and will be used for both +proxied and unproxied outgoing HTTPS requests. They mostly correspond to the +same options the `https` module accepts, which will be themselves passed to +`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`. + +#### `> opts.localAddress` + +Passed directly to `http` and `https` request calls. Determines the local +address to bind to. + +#### `> opts.maxSockets` + +Default: 15 + +Maximum number of active concurrent sockets to use for the underlying +Http/Https/Proxy agents. This setting applies once per spawned agent. + +15 is probably a _pretty good value_ for most use-cases, and balances speed +with, uh, not knocking out people's routers. 🤓 + +#### `> opts.retry` + +An object that can be used to tune request retry settings. Retries will only be attempted on the following conditions: + +* Request method is NOT `POST` AND +* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR +* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`. + +The following are worth noting as explicitly not retried: + +* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately. +* `ECONNRESET` currently has no support for restarting. It will eventually be supported but requires a bit more juggling due to streaming. + +If `opts.retry` is `false`, it is equivalent to `{retries: 0}` + +If `opts.retry` is a number, it is equivalent to `{retries: num}` + +The following retry options are available if you want more control over it: + +* retries +* factor +* minTimeout +* maxTimeout +* randomize + +For details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + retry: { + retries: 10, + randomize: true + } +}) + +fetch('http://reliable.site.com', { + retry: false +}) + +fetch('http://one-more.site.com', { + retry: 3 +}) +``` + +#### `> opts.onRetry` + +A function called whenever a retry is attempted. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + onRetry() { + console.log('we will retry!') + } +}) +``` + +#### `> opts.integrity` + +Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error. + +`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // -> ok + +fetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // Error: EINTEGRITY +``` + +### Message From Our Sponsors + +![](stop.gif) + +![](happening.gif) diff --git a/node_modules/libnpmaccess/node_modules/make-fetch-happen/agent.js b/node_modules/libnpmaccess/node_modules/make-fetch-happen/agent.js new file mode 100644 index 0000000000000..55675946ad97d --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/make-fetch-happen/agent.js @@ -0,0 +1,171 @@ +'use strict' +const LRU = require('lru-cache') +const url = require('url') + +let AGENT_CACHE = new LRU({ max: 50 }) +let HttpsAgent +let HttpAgent + +module.exports = getAgent + +function getAgent (uri, opts) { + const parsedUri = url.parse(typeof uri === 'string' ? uri : uri.url) + const isHttps = parsedUri.protocol === 'https:' + const pxuri = getProxyUri(uri, opts) + + const key = [ + `https:${isHttps}`, + pxuri + ? `proxy:${pxuri.protocol}//${pxuri.host}:${pxuri.port}` + : '>no-proxy<', + `local-address:${opts.localAddress || '>no-local-address<'}`, + `strict-ssl:${isHttps ? !!opts.strictSSL : '>no-strict-ssl<'}`, + `ca:${(isHttps && opts.ca) || '>no-ca<'}`, + `cert:${(isHttps && opts.cert) || '>no-cert<'}`, + `key:${(isHttps && opts.key) || '>no-key<'}` + ].join(':') + + if (opts.agent != null) { // `agent: false` has special behavior! + return opts.agent + } + + if (AGENT_CACHE.peek(key)) { + return AGENT_CACHE.get(key) + } + + if (pxuri) { + const proxy = getProxy(pxuri, opts, isHttps) + AGENT_CACHE.set(key, proxy) + return proxy + } + + if (isHttps && !HttpsAgent) { + HttpsAgent = require('agentkeepalive').HttpsAgent + } else if (!isHttps && !HttpAgent) { + HttpAgent = require('agentkeepalive') + } + + // If opts.timeout is zero, set the agentTimeout to zero as well. A timeout + // of zero disables the timeout behavior (OS limits still apply). Else, if + // opts.timeout is a non-zero value, set it to timeout + 1, to ensure that + // the node-fetch-npm timeout will always fire first, giving us more + // consistent errors. + const agentTimeout = opts.timeout === 0 ? 0 : opts.timeout + 1 + + const agent = isHttps ? new HttpsAgent({ + maxSockets: opts.maxSockets || 15, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + localAddress: opts.localAddress, + rejectUnauthorized: opts.strictSSL, + timeout: agentTimeout + }) : new HttpAgent({ + maxSockets: opts.maxSockets || 15, + localAddress: opts.localAddress, + timeout: agentTimeout + }) + AGENT_CACHE.set(key, agent) + return agent +} + +function checkNoProxy (uri, opts) { + const host = url.parse(uri).hostname.split('.').reverse() + let noproxy = (opts.noProxy || getProcessEnv('no_proxy')) + if (typeof noproxy === 'string') { + noproxy = noproxy.split(/\s*,\s*/g) + } + return noproxy && noproxy.some(no => { + const noParts = no.split('.').filter(x => x).reverse() + if (!noParts.length) { return false } + for (let i = 0; i < noParts.length; i++) { + if (host[i] !== noParts[i]) { + return false + } + } + return true + }) +} + +module.exports.getProcessEnv = getProcessEnv + +function getProcessEnv (env) { + if (!env) { return } + + let value + + if (Array.isArray(env)) { + for (let e of env) { + value = process.env[e] || + process.env[e.toUpperCase()] || + process.env[e.toLowerCase()] + if (typeof value !== 'undefined') { break } + } + } + + if (typeof env === 'string') { + value = process.env[env] || + process.env[env.toUpperCase()] || + process.env[env.toLowerCase()] + } + + return value +} + +function getProxyUri (uri, opts) { + const protocol = url.parse(uri).protocol + + const proxy = opts.proxy || ( + protocol === 'https:' && getProcessEnv('https_proxy') + ) || ( + protocol === 'http:' && getProcessEnv(['https_proxy', 'http_proxy', 'proxy']) + ) + if (!proxy) { return null } + + const parsedProxy = (typeof proxy === 'string') ? url.parse(proxy) : proxy + + return !checkNoProxy(uri, opts) && parsedProxy +} + +let HttpProxyAgent +let HttpsProxyAgent +let SocksProxyAgent +function getProxy (proxyUrl, opts, isHttps) { + let popts = { + host: proxyUrl.hostname, + port: proxyUrl.port, + protocol: proxyUrl.protocol, + path: proxyUrl.path, + auth: proxyUrl.auth, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + timeout: opts.timeout === 0 ? 0 : opts.timeout + 1, + localAddress: opts.localAddress, + maxSockets: opts.maxSockets || 15, + rejectUnauthorized: opts.strictSSL + } + + if (proxyUrl.protocol === 'http:' || proxyUrl.protocol === 'https:') { + if (!isHttps) { + if (!HttpProxyAgent) { + HttpProxyAgent = require('http-proxy-agent') + } + + return new HttpProxyAgent(popts) + } else { + if (!HttpsProxyAgent) { + HttpsProxyAgent = require('https-proxy-agent') + } + + return new HttpsProxyAgent(popts) + } + } + if (proxyUrl.protocol.startsWith('socks')) { + if (!SocksProxyAgent) { + SocksProxyAgent = require('socks-proxy-agent') + } + + return new SocksProxyAgent(popts) + } +} diff --git a/node_modules/libnpmaccess/node_modules/make-fetch-happen/cache.js b/node_modules/libnpmaccess/node_modules/make-fetch-happen/cache.js new file mode 100644 index 0000000000000..0c519e69fbe81 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/make-fetch-happen/cache.js @@ -0,0 +1,249 @@ +'use strict' + +const cacache = require('cacache') +const fetch = require('node-fetch-npm') +const pipe = require('mississippi').pipe +const ssri = require('ssri') +const through = require('mississippi').through +const to = require('mississippi').to +const url = require('url') +const stream = require('stream') + +const MAX_MEM_SIZE = 5 * 1024 * 1024 // 5MB + +function cacheKey (req) { + const parsed = url.parse(req.url) + return `make-fetch-happen:request-cache:${ + url.format({ + protocol: parsed.protocol, + slashes: parsed.slashes, + host: parsed.host, + hostname: parsed.hostname, + pathname: parsed.pathname + }) + }` +} + +// This is a cacache-based implementation of the Cache standard, +// using node-fetch. +// docs: https://developer.mozilla.org/en-US/docs/Web/API/Cache +// +module.exports = class Cache { + constructor (path, opts) { + this._path = path + this._uid = opts && opts.uid + this._gid = opts && opts.gid + this.Promise = (opts && opts.Promise) || Promise + } + + // Returns a Promise that resolves to the response associated with the first + // matching request in the Cache object. + match (req, opts) { + opts = opts || {} + const key = cacheKey(req) + return cacache.get.info(this._path, key).then(info => { + return info && cacache.get.hasContent( + this._path, info.integrity, opts + ).then(exists => exists && info) + }).then(info => { + if (info && info.metadata && matchDetails(req, { + url: info.metadata.url, + reqHeaders: new fetch.Headers(info.metadata.reqHeaders), + resHeaders: new fetch.Headers(info.metadata.resHeaders), + cacheIntegrity: info.integrity, + integrity: opts && opts.integrity + })) { + const resHeaders = new fetch.Headers(info.metadata.resHeaders) + addCacheHeaders(resHeaders, this._path, key, info.integrity, info.time) + if (req.method === 'HEAD') { + return new fetch.Response(null, { + url: req.url, + headers: resHeaders, + status: 200 + }) + } + let body + const cachePath = this._path + // avoid opening cache file handles until a user actually tries to + // read from it. + if (opts.memoize !== false && info.size > MAX_MEM_SIZE) { + body = new stream.PassThrough() + const realRead = body._read + body._read = function (size) { + body._read = realRead + pipe( + cacache.get.stream.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }), + body, + err => body.emit(err)) + return realRead.call(this, size) + } + } else { + let readOnce = false + // cacache is much faster at bulk reads + body = new stream.Readable({ + read () { + if (readOnce) return this.push(null) + readOnce = true + cacache.get.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }).then(data => { + this.push(data) + this.push(null) + }, err => this.emit('error', err)) + } + }) + } + return this.Promise.resolve(new fetch.Response(body, { + url: req.url, + headers: resHeaders, + status: 200, + size: info.size + })) + } + }) + } + + // Takes both a request and its response and adds it to the given cache. + put (req, response, opts) { + opts = opts || {} + const size = response.headers.get('content-length') + const fitInMemory = !!size && opts.memoize !== false && size < MAX_MEM_SIZE + const ckey = cacheKey(req) + const cacheOpts = { + algorithms: opts.algorithms, + metadata: { + url: req.url, + reqHeaders: req.headers.raw(), + resHeaders: response.headers.raw() + }, + uid: this._uid, + gid: this._gid, + size, + memoize: fitInMemory && opts.memoize + } + if (req.method === 'HEAD' || response.status === 304) { + // Update metadata without writing + return cacache.get.info(this._path, ckey).then(info => { + // Providing these will bypass content write + cacheOpts.integrity = info.integrity + addCacheHeaders( + response.headers, this._path, ckey, info.integrity, info.time + ) + return new this.Promise((resolve, reject) => { + pipe( + cacache.get.stream.byDigest(this._path, info.integrity, cacheOpts), + cacache.put.stream(this._path, cacheKey(req), cacheOpts), + err => err ? reject(err) : resolve(response) + ) + }) + }).then(() => response) + } + let buf = [] + let bufSize = 0 + let cacheTargetStream = false + const cachePath = this._path + let cacheStream = to((chunk, enc, cb) => { + if (!cacheTargetStream) { + if (fitInMemory) { + cacheTargetStream = + to({highWaterMark: MAX_MEM_SIZE}, (chunk, enc, cb) => { + buf.push(chunk) + bufSize += chunk.length + cb() + }, done => { + cacache.put( + cachePath, + cacheKey(req), + Buffer.concat(buf, bufSize), + cacheOpts + ).then( + () => done(), + done + ) + }) + } else { + cacheTargetStream = + cacache.put.stream(cachePath, cacheKey(req), cacheOpts) + } + } + cacheTargetStream.write(chunk, enc, cb) + }, done => { + cacheTargetStream ? cacheTargetStream.end(done) : done() + }) + const oldBody = response.body + const newBody = through({highWaterMark: fitInMemory && MAX_MEM_SIZE}) + response.body = newBody + oldBody.once('error', err => newBody.emit('error', err)) + newBody.once('error', err => oldBody.emit('error', err)) + cacheStream.once('error', err => newBody.emit('error', err)) + pipe(oldBody, to((chunk, enc, cb) => { + cacheStream.write(chunk, enc, () => { + newBody.write(chunk, enc, cb) + }) + }, done => { + cacheStream.end(() => { + newBody.end(() => { + done() + }) + }) + }), err => err && newBody.emit('error', err)) + return response + } + + // Finds the Cache entry whose key is the request, and if found, deletes the + // Cache entry and returns a Promise that resolves to true. If no Cache entry + // is found, it returns false. + 'delete' (req, opts) { + opts = opts || {} + if (typeof opts.memoize === 'object') { + if (opts.memoize.reset) { + opts.memoize.reset() + } else if (opts.memoize.clear) { + opts.memoize.clear() + } else { + Object.keys(opts.memoize).forEach(k => { + opts.memoize[k] = null + }) + } + } + return cacache.rm.entry( + this._path, + cacheKey(req) + // TODO - true/false + ).then(() => false) + } +} + +function matchDetails (req, cached) { + const reqUrl = url.parse(req.url) + const cacheUrl = url.parse(cached.url) + const vary = cached.resHeaders.get('Vary') + // https://tools.ietf.org/html/rfc7234#section-4.1 + if (vary) { + if (vary.match(/\*/)) { + return false + } else { + const fieldsMatch = vary.split(/\s*,\s*/).every(field => { + return cached.reqHeaders.get(field) === req.headers.get(field) + }) + if (!fieldsMatch) { + return false + } + } + } + if (cached.integrity) { + return ssri.parse(cached.integrity).match(cached.cacheIntegrity) + } + reqUrl.hash = null + cacheUrl.hash = null + return url.format(reqUrl) === url.format(cacheUrl) +} + +function addCacheHeaders (resHeaders, path, key, hash, time) { + resHeaders.set('X-Local-Cache', encodeURIComponent(path)) + resHeaders.set('X-Local-Cache-Key', encodeURIComponent(key)) + resHeaders.set('X-Local-Cache-Hash', encodeURIComponent(hash)) + resHeaders.set('X-Local-Cache-Time', new Date(time).toUTCString()) +} diff --git a/node_modules/libnpmaccess/node_modules/make-fetch-happen/index.js b/node_modules/libnpmaccess/node_modules/make-fetch-happen/index.js new file mode 100644 index 0000000000000..0f2c164e19f28 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/make-fetch-happen/index.js @@ -0,0 +1,482 @@ +'use strict' + +let Cache +const url = require('url') +const CachePolicy = require('http-cache-semantics') +const fetch = require('node-fetch-npm') +const pkg = require('./package.json') +const retry = require('promise-retry') +let ssri +const Stream = require('stream') +const getAgent = require('./agent') +const setWarning = require('./warning') + +const isURL = /^https?:/ +const USER_AGENT = `${pkg.name}/${pkg.version} (+https://npm.im/${pkg.name})` + +const RETRY_ERRORS = [ + 'ECONNRESET', // remote socket closed on us + 'ECONNREFUSED', // remote host refused to open connection + 'EADDRINUSE', // failed to bind to a local port (proxy?) + 'ETIMEDOUT' // someone in the transaction is WAY TOO SLOW + // Known codes we do NOT retry on: + // ENOTFOUND (getaddrinfo failure. Either bad hostname, or offline) +] + +const RETRY_TYPES = [ + 'request-timeout' +] + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +module.exports = cachingFetch +cachingFetch.defaults = function (_uri, _opts) { + const fetch = this + if (typeof _uri === 'object') { + _opts = _uri + _uri = null + } + + function defaultedFetch (uri, opts) { + const finalOpts = Object.assign({}, _opts || {}, opts || {}) + return fetch(uri || _uri, finalOpts) + } + + defaultedFetch.defaults = fetch.defaults + defaultedFetch.delete = fetch.delete + return defaultedFetch +} + +cachingFetch.delete = cacheDelete +function cacheDelete (uri, opts) { + opts = configureOptions(opts) + if (opts.cacheManager) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + return opts.cacheManager.delete(req, opts) + } +} + +function initializeCache (opts) { + if (typeof opts.cacheManager === 'string') { + if (!Cache) { + // Default cacache-based cache + Cache = require('./cache') + } + + opts.cacheManager = new Cache(opts.cacheManager, opts) + } + + opts.cache = opts.cache || 'default' + + if (opts.cache === 'default' && isHeaderConditional(opts.headers)) { + // If header list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, fetch will set cache + // mode to "no-store" if it is "default". + opts.cache = 'no-store' + } +} + +function configureOptions (_opts) { + const opts = Object.assign({}, _opts || {}) + opts.method = (opts.method || 'GET').toUpperCase() + + if (opts.retry && typeof opts.retry === 'number') { + opts.retry = { retries: opts.retry } + } + + if (opts.retry === false) { + opts.retry = { retries: 0 } + } + + if (opts.cacheManager) { + initializeCache(opts) + } + + return opts +} + +function initializeSsri () { + if (!ssri) { + ssri = require('ssri') + } +} + +function cachingFetch (uri, _opts) { + const opts = configureOptions(_opts) + + if (opts.integrity) { + initializeSsri() + // if verifying integrity, node-fetch must not decompress + opts.compress = false + } + + const isCachable = (opts.method === 'GET' || opts.method === 'HEAD') && + opts.cacheManager && + opts.cache !== 'no-store' && + opts.cache !== 'reload' + + if (isCachable) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + + return opts.cacheManager.match(req, opts).then(res => { + if (res) { + const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) + if (warningCode && +warningCode >= 100 && +warningCode < 200) { + // https://tools.ietf.org/html/rfc7234#section-4.3.4 + // + // If a stored response is selected for update, the cache MUST: + // + // * delete any Warning header fields in the stored response with + // warn-code 1xx (see Section 5.5); + // + // * retain any Warning header fields in the stored response with + // warn-code 2xx; + // + res.headers.delete('Warning') + } + + if (opts.cache === 'default' && !isStale(req, res)) { + return res + } + + if (opts.cache === 'default' || opts.cache === 'no-cache') { + return conditionalFetch(req, res, opts) + } + + if (opts.cache === 'force-cache' || opts.cache === 'only-if-cached') { + // 112 Disconnected operation + // SHOULD be included if the cache is intentionally disconnected from + // the rest of the network for a period of time. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(res, 112, 'Disconnected operation') + return res + } + } + + if (!res && opts.cache === 'only-if-cached') { + const errorMsg = `request to ${ + uri + } failed: cache mode is 'only-if-cached' but no cached response available.` + + const err = new Error(errorMsg) + err.code = 'ENOTCACHED' + throw err + } + + // Missing cache entry, or mode is default (if stale), reload, no-store + return remoteFetch(req.url, opts) + }) + } + + return remoteFetch(uri, opts) +} + +function iterableToObject (iter) { + const obj = {} + for (let k of iter.keys()) { + obj[k] = iter.get(k) + } + return obj +} + +function makePolicy (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + const _res = { + status: res.status, + headers: iterableToObject(res.headers) + } + + return new CachePolicy(_req, _res, { shared: false }) +} + +// https://tools.ietf.org/html/rfc7234#section-4.2 +function isStale (req, res) { + if (!res) { + return null + } + + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + + const policy = makePolicy(req, res) + + const responseTime = res.headers.get('x-local-cache-time') || + res.headers.get('date') || + 0 + + policy._responseTime = new Date(responseTime) + + const bool = !policy.satisfiesWithoutRevalidation(_req) + return bool +} + +function mustRevalidate (res) { + return (res.headers.get('cache-control') || '').match(/must-revalidate/i) +} + +function conditionalFetch (req, cachedRes, opts) { + const _req = { + url: req.url, + method: req.method, + headers: Object.assign({}, opts.headers || {}) + } + + const policy = makePolicy(req, cachedRes) + opts.headers = policy.revalidationHeaders(_req) + + return remoteFetch(req.url, opts) + .then(condRes => { + const revalidatedPolicy = policy.revalidatedPolicy(_req, { + status: condRes.status, + headers: iterableToObject(condRes.headers) + }) + + if (condRes.status >= 500 && !mustRevalidate(cachedRes)) { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + return cachedRes + } + + if (condRes.status === 304) { // 304 Not Modified + condRes.body = cachedRes.body + return opts.cacheManager.put(req, condRes, opts) + .then(newRes => { + newRes.headers = new fetch.Headers(revalidatedPolicy.policy.responseHeaders()) + return newRes + }) + } + + return condRes + }) + .then(res => res) + .catch(err => { + if (mustRevalidate(cachedRes)) { + throw err + } else { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + // 199 Miscellaneous warning + // The warning text MAY include arbitrary information to be presented to + // a human user, or logged. A system receiving this warning MUST NOT take + // any automated action, besides presenting the warning to the user. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning( + cachedRes, + 199, + `Miscellaneous Warning ${err.code}: ${err.message}` + ) + + return cachedRes + } + }) +} + +function remoteFetchHandleIntegrity (res, integrity) { + const oldBod = res.body + const newBod = ssri.integrityStream({ + integrity + }) + oldBod.pipe(newBod) + res.body = newBod + oldBod.once('error', err => { + newBod.emit('error', err) + }) + newBod.once('error', err => { + oldBod.emit('error', err) + }) +} + +function remoteFetch (uri, opts) { + const agent = getAgent(uri, opts) + const headers = Object.assign({ + 'connection': agent ? 'keep-alive' : 'close', + 'user-agent': USER_AGENT + }, opts.headers || {}) + + const reqOpts = { + agent, + body: opts.body, + compress: opts.compress, + follow: opts.follow, + headers: new fetch.Headers(headers), + method: opts.method, + redirect: 'manual', + size: opts.size, + counter: opts.counter, + timeout: opts.timeout + } + + return retry( + (retryHandler, attemptNum) => { + const req = new fetch.Request(uri, reqOpts) + return fetch(req) + .then(res => { + res.headers.set('x-fetch-attempts', attemptNum) + + if (opts.integrity) { + remoteFetchHandleIntegrity(res, opts.integrity) + } + + const isStream = req.body instanceof Stream + + if (opts.cacheManager) { + const isMethodGetHead = req.method === 'GET' || + req.method === 'HEAD' + + const isCachable = opts.cache !== 'no-store' && + isMethodGetHead && + makePolicy(req, res).storable() && + res.status === 200 // No other statuses should be stored! + + if (isCachable) { + return opts.cacheManager.put(req, res, opts) + } + + if (!isMethodGetHead) { + return opts.cacheManager.delete(req).then(() => { + if (res.status >= 500 && req.method !== 'POST' && !isStream) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + return res + }) + } + } + + const isRetriable = req.method !== 'POST' && + !isStream && ( + res.status === 408 || // Request Timeout + res.status === 420 || // Enhance Your Calm (usually Twitter rate-limit) + res.status === 429 || // Too Many Requests ("standard" rate-limiting) + res.status >= 500 // Assume server errors are momentary hiccups + ) + + if (isRetriable) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + if (!fetch.isRedirect(res.status) || opts.redirect === 'manual') { + return res + } + + // handle redirects - matches behavior of npm-fetch: https://github.com/bitinn/node-fetch + if (opts.redirect === 'error') { + const err = new Error(`redirect mode is set to error: ${uri}`) + err.code = 'ENOREDIRECT' + throw err + } + + if (!res.headers.get('location')) { + const err = new Error(`redirect location header missing at: ${uri}`) + err.code = 'EINVALIDREDIRECT' + throw err + } + + if (req.counter >= req.follow) { + const err = new Error(`maximum redirect reached at: ${uri}`) + err.code = 'EMAXREDIRECT' + throw err + } + + const resolvedUrl = url.resolve(req.url, res.headers.get('location')) + let redirectURL = url.parse(resolvedUrl) + + if (isURL.test(res.headers.get('location'))) { + redirectURL = url.parse(res.headers.get('location')) + } + + // Remove authorization if changing hostnames (but not if just + // changing ports or protocols). This matches the behavior of request: + // https://github.com/request/request/blob/b12a6245/lib/redirect.js#L134-L138 + if (url.parse(req.url).hostname !== redirectURL.hostname) { + req.headers.delete('authorization') + } + + // for POST request with 301/302 response, or any request with 303 response, + // use GET when following redirect + if (res.status === 303 || + ((res.status === 301 || res.status === 302) && req.method === 'POST')) { + opts.method = 'GET' + opts.body = null + req.headers.delete('content-length') + } + + opts.headers = {} + req.headers.forEach((value, name) => { + opts.headers[name] = value + }) + + opts.counter = ++req.counter + return cachingFetch(resolvedUrl, opts) + }) + .catch(err => { + const code = err.code === 'EPROMISERETRY' ? err.retried.code : err.code + + const isRetryError = RETRY_ERRORS.indexOf(code) === -1 && + RETRY_TYPES.indexOf(err.type) === -1 + + if (req.method === 'POST' || isRetryError) { + throw err + } + + if (typeof opts.onRetry === 'function') { + opts.onRetry(err) + } + + return retryHandler(err) + }) + }, + opts.retry + ).catch(err => { + if (err.status >= 400) { + return err + } + + throw err + }) +} + +function isHeaderConditional (headers) { + if (!headers || typeof headers !== 'object') { + return false + } + + const modifiers = [ + 'if-modified-since', + 'if-none-match', + 'if-unmodified-since', + 'if-match', + 'if-range' + ] + + return Object.keys(headers) + .some(h => modifiers.indexOf(h.toLowerCase()) !== -1) +} diff --git a/node_modules/libnpmaccess/node_modules/make-fetch-happen/package.json b/node_modules/libnpmaccess/node_modules/make-fetch-happen/package.json new file mode 100644 index 0000000000000..6e910bd51a0fe --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/make-fetch-happen/package.json @@ -0,0 +1,94 @@ +{ + "_from": "make-fetch-happen@^4.0.2", + "_id": "make-fetch-happen@4.0.2", + "_inBundle": false, + "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "_location": "/libnpmaccess/make-fetch-happen", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "make-fetch-happen@^4.0.2", + "name": "make-fetch-happen", + "escapedName": "make-fetch-happen", + "rawSpec": "^4.0.2", + "saveSpec": null, + "fetchSpec": "^4.0.2" + }, + "_requiredBy": [ + "/libnpmaccess/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", + "_spec": "make-fetch-happen@^4.0.2", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmaccess/node_modules/npm-registry-fetch", + "author": { + "name": "Kat Marchán", + "email": "kzm@zkat.tech" + }, + "bugs": { + "url": "https://github.com/zkat/make-fetch-happen/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + }, + "deprecated": false, + "description": "Opinionated, caching, retrying fetch client", + "devDependencies": { + "bluebird": "^3.5.1", + "mkdirp": "^0.5.1", + "nock": "^9.2.3", + "npmlog": "^4.1.2", + "require-inject": "^1.4.2", + "rimraf": "^2.6.2", + "safe-buffer": "^5.1.1", + "standard": "^11.0.1", + "standard-version": "^4.3.0", + "tacks": "^1.2.6", + "tap": "^12.7.0", + "weallbehave": "^1.0.0", + "weallcontribute": "^1.0.7" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/zkat/make-fetch-happen#readme", + "keywords": [ + "http", + "request", + "fetch", + "mean girls", + "caching", + "cache", + "subresource integrity" + ], + "license": "ISC", + "main": "index.js", + "name": "make-fetch-happen", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/make-fetch-happen.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap --coverage --nyc-arg=--all --timeout=35 -J test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmaccess/node_modules/make-fetch-happen/warning.js b/node_modules/libnpmaccess/node_modules/make-fetch-happen/warning.js new file mode 100644 index 0000000000000..b8f13cf83195a --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/make-fetch-happen/warning.js @@ -0,0 +1,24 @@ +const url = require('url') + +module.exports = setWarning + +function setWarning (reqOrRes, code, message, replace) { + // Warning = "Warning" ":" 1#warning-value + // warning-value = warn-code SP warn-agent SP warn-text [SP warn-date] + // warn-code = 3DIGIT + // warn-agent = ( host [ ":" port ] ) | pseudonym + // ; the name or pseudonym of the server adding + // ; the Warning header, for use in debugging + // warn-text = quoted-string + // warn-date = <"> HTTP-date <"> + // (https://tools.ietf.org/html/rfc2616#section-14.46) + const host = url.parse(reqOrRes.url).host + const jsonMessage = JSON.stringify(message) + const jsonDate = JSON.stringify(new Date().toUTCString()) + const header = replace ? 'set' : 'append' + + reqOrRes.headers[header]( + 'Warning', + `${code} ${host} ${jsonMessage} ${jsonDate}` + ) +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..d24e026914c23 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,214 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..7fe5dacc94362 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,98 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gid': {}, + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'uid': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..4ba3c19243471 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,193 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout, + uid: opts.uid, + gid: opts.gid + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..3b0a402f3d6e0 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^3.8.0", + "_id": "npm-registry-fetch@3.9.1", + "_inBundle": false, + "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_location": "/libnpmaccess/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^3.8.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^3.8.0", + "saveSpec": null, + "fetchSpec": "^3.8.0" + }, + "_requiredBy": [ + "/libnpmaccess" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", + "_spec": "npm-registry-fetch@^3.8.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmaccess", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^11.3.3", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.9.1" +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmhook/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/libnpmhook/node_modules/make-fetch-happen/CHANGELOG.md new file mode 100644 index 0000000000000..a446842f55d80 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/make-fetch-happen/CHANGELOG.md @@ -0,0 +1,555 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [4.0.2](https://github.com/zkat/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) + + + + +## [4.0.1](https://github.com/zkat/make-fetch-happen/compare/v4.0.0...v4.0.1) (2018-04-12) + + +### Bug Fixes + +* **integrity:** use new sri.match() for verification ([4f371a0](https://github.com/zkat/make-fetch-happen/commit/4f371a0)) + + + + +# [4.0.0](https://github.com/zkat/make-fetch-happen/compare/v3.0.0...v4.0.0) (2018-04-09) + + +### meta + +* drop node@4, add node@9 ([7b0191a](https://github.com/zkat/make-fetch-happen/commit/7b0191a)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +# [3.0.0](https://github.com/zkat/make-fetch-happen/compare/v2.6.0...v3.0.0) (2018-03-12) + + +### Bug Fixes + +* **license:** switch to ISC ([#49](https://github.com/zkat/make-fetch-happen/issues/49)) ([bf90c6d](https://github.com/zkat/make-fetch-happen/commit/bf90c6d)) +* **standard:** standard@11 update ([ff0aa70](https://github.com/zkat/make-fetch-happen/commit/ff0aa70)) + + +### BREAKING CHANGES + +* **license:** license changed from CC0 to ISC. + + + + +# [2.6.0](https://github.com/zkat/make-fetch-happen/compare/v2.5.0...v2.6.0) (2017-11-14) + + +### Bug Fixes + +* **integrity:** disable node-fetch compress when checking integrity (#42) ([a7cc74c](https://github.com/zkat/make-fetch-happen/commit/a7cc74c)) + + +### Features + +* **onretry:** Add `options.onRetry` (#48) ([f90ccff](https://github.com/zkat/make-fetch-happen/commit/f90ccff)) + + + + +# [2.5.0](https://github.com/zkat/make-fetch-happen/compare/v2.4.13...v2.5.0) (2017-08-24) + + +### Bug Fixes + +* **agent:** support timeout durations greater than 30 seconds ([04875ae](https://github.com/zkat/make-fetch-happen/commit/04875ae)), closes [#35](https://github.com/zkat/make-fetch-happen/issues/35) + + +### Features + +* **cache:** export cache deletion functionality (#40) ([3da4250](https://github.com/zkat/make-fetch-happen/commit/3da4250)) + + + + +## [2.4.13](https://github.com/zkat/make-fetch-happen/compare/v2.4.12...v2.4.13) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump other deps for bugfixes ([eab8297](https://github.com/zkat/make-fetch-happen/commit/eab8297)) +* **proxy:** bump proxy deps with bugfixes (#32) ([632f860](https://github.com/zkat/make-fetch-happen/commit/632f860)), closes [#32](https://github.com/zkat/make-fetch-happen/issues/32) + + + + +## [2.4.12](https://github.com/zkat/make-fetch-happen/compare/v2.4.11...v2.4.12) (2017-06-06) + + +### Bug Fixes + +* **cache:** encode x-local-cache-etc headers to be header-safe ([dc9fb1b](https://github.com/zkat/make-fetch-happen/commit/dc9fb1b)) + + + + +## [2.4.11](https://github.com/zkat/make-fetch-happen/compare/v2.4.10...v2.4.11) (2017-06-05) + + +### Bug Fixes + +* **deps:** bump deps with ssri fix ([bef1994](https://github.com/zkat/make-fetch-happen/commit/bef1994)) + + + + +## [2.4.10](https://github.com/zkat/make-fetch-happen/compare/v2.4.9...v2.4.10) (2017-05-31) + + +### Bug Fixes + +* **deps:** bump dep versions with bugfixes ([0af4003](https://github.com/zkat/make-fetch-happen/commit/0af4003)) +* **proxy:** use auth parameter for proxy authentication (#30) ([c687306](https://github.com/zkat/make-fetch-happen/commit/c687306)) + + + + +## [2.4.9](https://github.com/zkat/make-fetch-happen/compare/v2.4.8...v2.4.9) (2017-05-25) + + +### Bug Fixes + +* **cache:** use the passed-in promise for resolving cache stuff ([4c46257](https://github.com/zkat/make-fetch-happen/commit/4c46257)) + + + + +## [2.4.8](https://github.com/zkat/make-fetch-happen/compare/v2.4.7...v2.4.8) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid/Promise through to cache ([a847c92](https://github.com/zkat/make-fetch-happen/commit/a847c92)) + + + + +## [2.4.7](https://github.com/zkat/make-fetch-happen/compare/v2.4.6...v2.4.7) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([fc2a587](https://github.com/zkat/make-fetch-happen/commit/fc2a587)) + + + + +## [2.4.6](https://github.com/zkat/make-fetch-happen/compare/v2.4.5...v2.4.6) (2017-05-24) + + +### Bug Fixes + +* **proxy:** choose agent for http(s)-proxy by protocol of destUrl ([ea4832a](https://github.com/zkat/make-fetch-happen/commit/ea4832a)) +* **proxy:** make socks proxy working ([1de810a](https://github.com/zkat/make-fetch-happen/commit/1de810a)) +* **proxy:** revert previous proxy solution ([563b0d8](https://github.com/zkat/make-fetch-happen/commit/563b0d8)) + + + + +## [2.4.5](https://github.com/zkat/make-fetch-happen/compare/v2.4.4...v2.4.5) (2017-05-24) + + +### Bug Fixes + +* **proxy:** use the destination url when determining agent ([1a714e7](https://github.com/zkat/make-fetch-happen/commit/1a714e7)) + + + + +## [2.4.4](https://github.com/zkat/make-fetch-happen/compare/v2.4.3...v2.4.4) (2017-05-23) + + +### Bug Fixes + +* **redirect:** handle redirects explicitly (#27) ([4c4af54](https://github.com/zkat/make-fetch-happen/commit/4c4af54)) + + + + +## [2.4.3](https://github.com/zkat/make-fetch-happen/compare/v2.4.2...v2.4.3) (2017-05-06) + + +### Bug Fixes + +* **redirect:** redirects now delete authorization if hosts fail to match ([c071805](https://github.com/zkat/make-fetch-happen/commit/c071805)) + + + + +## [2.4.2](https://github.com/zkat/make-fetch-happen/compare/v2.4.1...v2.4.2) (2017-05-04) + + +### Bug Fixes + +* **cache:** reduce race condition window by checking for content ([24544b1](https://github.com/zkat/make-fetch-happen/commit/24544b1)) +* **match:** Rewrite the conditional stream logic (#25) ([66bba4b](https://github.com/zkat/make-fetch-happen/commit/66bba4b)) + + + + +## [2.4.1](https://github.com/zkat/make-fetch-happen/compare/v2.4.0...v2.4.1) (2017-04-28) + + +### Bug Fixes + +* **memoization:** missed spots + allow passthrough of memo objs ([ac0cd12](https://github.com/zkat/make-fetch-happen/commit/ac0cd12)) + + + + +# [2.4.0](https://github.com/zkat/make-fetch-happen/compare/v2.3.0...v2.4.0) (2017-04-28) + + +### Bug Fixes + +* **memoize:** cacache had a broken memoizer ([8a9ed4c](https://github.com/zkat/make-fetch-happen/commit/8a9ed4c)) + + +### Features + +* **memoization:** only slurp stuff into memory if opts.memoize is not false ([0744adc](https://github.com/zkat/make-fetch-happen/commit/0744adc)) + + + + +# [2.3.0](https://github.com/zkat/make-fetch-happen/compare/v2.2.6...v2.3.0) (2017-04-27) + + +### Features + +* **agent:** added opts.strictSSL and opts.localAddress ([c35015a](https://github.com/zkat/make-fetch-happen/commit/c35015a)) +* **proxy:** Added opts.noProxy and NO_PROXY support ([f45c915](https://github.com/zkat/make-fetch-happen/commit/f45c915)) + + + + +## [2.2.6](https://github.com/zkat/make-fetch-happen/compare/v2.2.5...v2.2.6) (2017-04-26) + + +### Bug Fixes + +* **agent:** check uppercase & lowercase proxy env (#24) ([acf2326](https://github.com/zkat/make-fetch-happen/commit/acf2326)), closes [#22](https://github.com/zkat/make-fetch-happen/issues/22) +* **deps:** switch to node-fetch-npm and stop bundling ([3db603b](https://github.com/zkat/make-fetch-happen/commit/3db603b)) + + + + +## [2.2.5](https://github.com/zkat/make-fetch-happen/compare/v2.2.4...v2.2.5) (2017-04-23) + + +### Bug Fixes + +* **deps:** bump cacache and use its size feature ([926c1d3](https://github.com/zkat/make-fetch-happen/commit/926c1d3)) + + + + +## [2.2.4](https://github.com/zkat/make-fetch-happen/compare/v2.2.3...v2.2.4) (2017-04-18) + + +### Bug Fixes + +* **integrity:** hash verification issues fixed ([07f9402](https://github.com/zkat/make-fetch-happen/commit/07f9402)) + + + + +## [2.2.3](https://github.com/zkat/make-fetch-happen/compare/v2.2.2...v2.2.3) (2017-04-18) + + +### Bug Fixes + +* **staleness:** responses older than 8h were never stale :< ([b54dd75](https://github.com/zkat/make-fetch-happen/commit/b54dd75)) +* **warning:** remove spurious warning, make format more spec-compliant ([2e4f6bb](https://github.com/zkat/make-fetch-happen/commit/2e4f6bb)) + + + + +## [2.2.2](https://github.com/zkat/make-fetch-happen/compare/v2.2.1...v2.2.2) (2017-04-12) + + +### Bug Fixes + +* **retry:** stop retrying 404s ([6fafd53](https://github.com/zkat/make-fetch-happen/commit/6fafd53)) + + + + +## [2.2.1](https://github.com/zkat/make-fetch-happen/compare/v2.2.0...v2.2.1) (2017-04-10) + + +### Bug Fixes + +* **deps:** move test-only deps to devDeps ([2daaf80](https://github.com/zkat/make-fetch-happen/commit/2daaf80)) + + + + +# [2.2.0](https://github.com/zkat/make-fetch-happen/compare/v2.1.0...v2.2.0) (2017-04-09) + + +### Bug Fixes + +* **cache:** treat caches as private ([57b7dc2](https://github.com/zkat/make-fetch-happen/commit/57b7dc2)) + + +### Features + +* **retry:** accept shorthand retry settings ([dfed69d](https://github.com/zkat/make-fetch-happen/commit/dfed69d)) + + + + +# [2.1.0](https://github.com/zkat/make-fetch-happen/compare/v2.0.4...v2.1.0) (2017-04-09) + + +### Features + +* **cache:** cache now obeys Age and a variety of other things (#13) ([7b9652d](https://github.com/zkat/make-fetch-happen/commit/7b9652d)) + + + + +## [2.0.4](https://github.com/zkat/make-fetch-happen/compare/v2.0.3...v2.0.4) (2017-04-09) + + +### Bug Fixes + +* **agent:** accept Request as fetch input, not just strings ([b71669a](https://github.com/zkat/make-fetch-happen/commit/b71669a)) + + + + +## [2.0.3](https://github.com/zkat/make-fetch-happen/compare/v2.0.2...v2.0.3) (2017-04-09) + + +### Bug Fixes + +* **deps:** seriously ([c29e7e7](https://github.com/zkat/make-fetch-happen/commit/c29e7e7)) + + + + +## [2.0.2](https://github.com/zkat/make-fetch-happen/compare/v2.0.1...v2.0.2) (2017-04-09) + + +### Bug Fixes + +* **deps:** use bundleDeps instead ([c36ebf0](https://github.com/zkat/make-fetch-happen/commit/c36ebf0)) + + + + +## [2.0.1](https://github.com/zkat/make-fetch-happen/compare/v2.0.0...v2.0.1) (2017-04-09) + + +### Bug Fixes + +* **deps:** make sure node-fetch tarball included in release ([3bf49d1](https://github.com/zkat/make-fetch-happen/commit/3bf49d1)) + + + + +# [2.0.0](https://github.com/zkat/make-fetch-happen/compare/v1.7.0...v2.0.0) (2017-04-09) + + +### Bug Fixes + +* **deps:** manually pull in newer node-fetch to avoid babel prod dep ([66e5e87](https://github.com/zkat/make-fetch-happen/commit/66e5e87)) +* **retry:** be more specific about when we retry ([a47b782](https://github.com/zkat/make-fetch-happen/commit/a47b782)) + + +### Features + +* **agent:** add ca/cert/key support to auto-agent (#15) ([57585a7](https://github.com/zkat/make-fetch-happen/commit/57585a7)) + + +### BREAKING CHANGES + +* **agent:** pac proxies are no longer supported. +* **retry:** Retry logic has changes. + +* 404s, 420s, and 429s all retry now. +* ENOTFOUND no longer retries. +* Only ECONNRESET, ECONNREFUSED, EADDRINUSE, ETIMEDOUT, and `request-timeout` errors are retried. + + + + +# [1.7.0](https://github.com/zkat/make-fetch-happen/compare/v1.6.0...v1.7.0) (2017-04-08) + + +### Features + +* **cache:** add useful headers to inform users about cached data ([9bd7b00](https://github.com/zkat/make-fetch-happen/commit/9bd7b00)) + + + + +# [1.6.0](https://github.com/zkat/make-fetch-happen/compare/v1.5.1...v1.6.0) (2017-04-06) + + +### Features + +* **agent:** better, keepalive-supporting, default http agents ([16277f6](https://github.com/zkat/make-fetch-happen/commit/16277f6)) + + + + +## [1.5.1](https://github.com/zkat/make-fetch-happen/compare/v1.5.0...v1.5.1) (2017-04-05) + + +### Bug Fixes + +* **cache:** bump cacache for its fixed error messages ([2f2b916](https://github.com/zkat/make-fetch-happen/commit/2f2b916)) +* **cache:** fix handling of errors in cache reads ([5729222](https://github.com/zkat/make-fetch-happen/commit/5729222)) + + + + +# [1.5.0](https://github.com/zkat/make-fetch-happen/compare/v1.4.0...v1.5.0) (2017-04-04) + + +### Features + +* **retry:** retry requests on 408 timeouts, too ([8d8b5bd](https://github.com/zkat/make-fetch-happen/commit/8d8b5bd)) + + + + +# [1.4.0](https://github.com/zkat/make-fetch-happen/compare/v1.3.1...v1.4.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** stop relying on BB.catch ([2b04494](https://github.com/zkat/make-fetch-happen/commit/2b04494)) + + +### Features + +* **retry:** report retry attempt number as extra header ([fd50927](https://github.com/zkat/make-fetch-happen/commit/fd50927)) + + + + +## [1.3.1](https://github.com/zkat/make-fetch-happen/compare/v1.3.0...v1.3.1) (2017-04-04) + + +### Bug Fixes + +* **cache:** pretend cache entry is missing on ENOENT ([9c2bb26](https://github.com/zkat/make-fetch-happen/commit/9c2bb26)) + + + + +# [1.3.0](https://github.com/zkat/make-fetch-happen/compare/v1.2.1...v1.3.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** if metadata is missing for some odd reason, ignore the entry ([a021a6b](https://github.com/zkat/make-fetch-happen/commit/a021a6b)) + + +### Features + +* **cache:** add special headers when request was loaded straight from cache ([8a7dbd1](https://github.com/zkat/make-fetch-happen/commit/8a7dbd1)) +* **cache:** allow configuring algorithms to be calculated on insertion ([bf4a0f2](https://github.com/zkat/make-fetch-happen/commit/bf4a0f2)) + + + + +## [1.2.1](https://github.com/zkat/make-fetch-happen/compare/v1.2.0...v1.2.1) (2017-04-03) + + +### Bug Fixes + +* **integrity:** update cacache and ssri and change EBADCHECKSUM -> EINTEGRITY ([b6cf6f6](https://github.com/zkat/make-fetch-happen/commit/b6cf6f6)) + + + + +# [1.2.0](https://github.com/zkat/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) + + +### Features + +* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/zkat/make-fetch-happen/commit/a590159)) + + + + +# [1.1.0](https://github.com/zkat/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) + + +### Features + +* **opts:** fetch.defaults() for default options ([522a65e](https://github.com/zkat/make-fetch-happen/commit/522a65e)) + + + + +## [1.0.1](https://github.com/zkat/make-fetch-happen/compare/v1.0.0...v1.0.1) (2017-04-01) + + + + +# 1.0.0 (2017-04-01) + + +### Bug Fixes + +* **cache:** default on cache-control header ([b872a2c](https://github.com/zkat/make-fetch-happen/commit/b872a2c)) +* standard stuff and cache matching ([753f2c2](https://github.com/zkat/make-fetch-happen/commit/753f2c2)) +* **agent:** nudge around things with opts.agent ([ed62b57](https://github.com/zkat/make-fetch-happen/commit/ed62b57)) +* **agent:** {agent: false} has special behavior ([b8cc923](https://github.com/zkat/make-fetch-happen/commit/b8cc923)) +* **cache:** invalidation on non-GET ([fe78fac](https://github.com/zkat/make-fetch-happen/commit/fe78fac)) +* **cache:** make force-cache and only-if-cached work as expected ([f50e9df](https://github.com/zkat/make-fetch-happen/commit/f50e9df)) +* **cache:** more spec compliance ([d5a56db](https://github.com/zkat/make-fetch-happen/commit/d5a56db)) +* **cache:** only cache 200 gets ([0abb25a](https://github.com/zkat/make-fetch-happen/commit/0abb25a)) +* **cache:** only load cache code if cache opt is a string ([250fcd5](https://github.com/zkat/make-fetch-happen/commit/250fcd5)) +* **cache:** oops ([e3fa15a](https://github.com/zkat/make-fetch-happen/commit/e3fa15a)) +* **cache:** refactored warning removal into main file ([5b0a9f9](https://github.com/zkat/make-fetch-happen/commit/5b0a9f9)) +* **cache:** req constructor no longer needed in Cache ([5b74cbc](https://github.com/zkat/make-fetch-happen/commit/5b74cbc)) +* **cache:** standard fetch api calls cacheMode "cache" ([6fba805](https://github.com/zkat/make-fetch-happen/commit/6fba805)) +* **cache:** was using wrong method for non-GET/HEAD cache invalidation ([810763a](https://github.com/zkat/make-fetch-happen/commit/810763a)) +* **caching:** a bunch of cache-related fixes ([8ebda1d](https://github.com/zkat/make-fetch-happen/commit/8ebda1d)) +* **deps:** `cacache[@6](https://github.com/6).3.0` - race condition fixes ([9528442](https://github.com/zkat/make-fetch-happen/commit/9528442)) +* **freshness:** fix regex for cacheControl matching ([070db86](https://github.com/zkat/make-fetch-happen/commit/070db86)) +* **freshness:** fixed default freshness heuristic value ([5d29e88](https://github.com/zkat/make-fetch-happen/commit/5d29e88)) +* **logging:** remove console.log calls ([a1d0a47](https://github.com/zkat/make-fetch-happen/commit/a1d0a47)) +* **method:** node-fetch guarantees uppercase ([a1d68d6](https://github.com/zkat/make-fetch-happen/commit/a1d68d6)) +* **opts:** simplified opts handling ([516fd6e](https://github.com/zkat/make-fetch-happen/commit/516fd6e)) +* **proxy:** pass proxy option directly to ProxyAgent ([3398460](https://github.com/zkat/make-fetch-happen/commit/3398460)) +* **retry:** false -> {retries: 0} ([297fbb6](https://github.com/zkat/make-fetch-happen/commit/297fbb6)) +* **retry:** only retry put if body is not a stream ([a24e599](https://github.com/zkat/make-fetch-happen/commit/a24e599)) +* **retry:** skip retries if body is a stream for ANY method ([780c0f8](https://github.com/zkat/make-fetch-happen/commit/780c0f8)) + + +### Features + +* **api:** initial implementation -- can make and cache requests ([7d55b49](https://github.com/zkat/make-fetch-happen/commit/7d55b49)) +* **fetch:** injectable cache, and retry support ([87b84bf](https://github.com/zkat/make-fetch-happen/commit/87b84bf)) + + +### BREAKING CHANGES + +* **cache:** opts.cache -> opts.cacheManager; opts.cacheMode -> opts.cache +* **fetch:** opts.cache accepts a Cache-like obj or a path. Requests are now retried. +* **api:** actual api implemented diff --git a/node_modules/libnpmhook/node_modules/make-fetch-happen/LICENSE b/node_modules/libnpmhook/node_modules/make-fetch-happen/LICENSE new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/make-fetch-happen/LICENSE @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmhook/node_modules/make-fetch-happen/README.md b/node_modules/libnpmhook/node_modules/make-fetch-happen/README.md new file mode 100644 index 0000000000000..4d12d8dae7e31 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/make-fetch-happen/README.md @@ -0,0 +1,404 @@ +# make-fetch-happen [![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/zkat/make-fetch-happen.svg)](https://travis-ci.org/zkat/make-fetch-happen) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/make-fetch-happen?svg=true)](https://ci.appveyor.com/project/zkat/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/zkat/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/zkat/make-fetch-happen?branch=latest) + + +[`make-fetch-happen`](https://github.com/zkat/make-fetch-happen) is a Node.js +library that wraps [`node-fetch-npm`](https://github.com/npm/node-fetch-npm) with additional +features [`node-fetch`](https://github.com/bitinn/node-fetch) doesn't intend to include, including HTTP Cache support, request +pooling, proxies, retries, [and more](#features)! + +## Install + +`$ npm install --save make-fetch-happen` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.defaults`](#fetch-defaults) + * [`node-fetch` options](#node-fetch-options) + * [`make-fetch-happen` options](#extra-options) + * [`opts.cacheManager`](#opts-cache-manager) + * [`opts.cache`](#opts-cache) + * [`opts.proxy`](#opts-proxy) + * [`opts.noProxy`](#opts-no-proxy) + * [`opts.ca, opts.cert, opts.key`](#https-opts) + * [`opts.maxSockets`](#opts-max-sockets) + * [`opts.retry`](#opts-retry) + * [`opts.onRetry`](#opts-onretry) + * [`opts.integrity`](#opts-integrity) +* [Message From Our Sponsors](#wow) + +### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' // path where cache will be written (and read) +}) + +fetch('https://registry.npmjs.org/make-fetch-happen').then(res => { + return res.json() // download the body as JSON +}).then(body => { + console.log(`got ${body.name} from web`) + return fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'no-cache' // forces a conditional request + }) +}).then(res => { + console.log(res.status) // 304! cache validated! + return res.json().then(body => { + console.log(`got ${body.name} from cache`) + }) +}) +``` + +### Features + +* Builds around [`node-fetch`](https://npm.im/node-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation +* Request pooling out of the box +* Quite fast, really +* Automatic HTTP-semantics-aware request retries +* Cache-fallback automatic "offline mode" +* Proxy support (http, https, socks, socks4, socks5) +* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc). +* Customize cache storage with any [Cache API](https://developer.mozilla.org/en-US/docs/Web/API/Cache)-compliant `Cache` instance. Cache to Redis! +* Node.js Stream support +* Transparent gzip and deflate support +* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support +* Literally punches nazis +* (PENDING) Range request caching and resuming + +### Contributing + +The make-fetch-happen team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(uriOrRequest, [opts]) -> Promise` + +This function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response. + +If `opts` is provided, the [`node-fetch`-specific options](#node-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more. + +##### Example + +```javascript +fetch('https://google.com').then(res => res.buffer()) +``` + +#### `> fetch.defaults([defaultUrl], [defaultOpts])` + +Returns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls. + +A defaulted `fetch` will also have a `.defaults()` method, so they can be chained. + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-local-cache' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache +``` + +#### `> node-fetch options` + +The following options for `node-fetch` are used as-is: + +* method +* body +* redirect +* follow +* timeout +* compress +* size + +These other options are modified or augmented by make-fetch-happen: + +* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`. +* agent + * If agent is null, an http or https Agent will be automatically used. By default, these will be `http.globalAgent` and `https.globalAgent`. + * If [`opts.proxy`](#opts-proxy) is provided and `opts.agent` is null, the agent will be set to an appropriate proxy-handling agent. + * If `opts.agent` is an object, it will be used as the request-pooling agent argument for this request. + * If `opts.agent` is `false`, it will be passed as-is to the underlying request library. This causes a new Agent to be spawned for every request. + +For more details, see [the documentation for `node-fetch` itself](https://github.com/bitinn/node-fetch#options). + +#### `> make-fetch-happen options` + +make-fetch-happen augments the `node-fetch` API with additional features available through extra options. The following extra options are available: + +* [`opts.cacheManager`](#opts-cache-manager) - Cache target to read/write +* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*. +* [`opts.proxy`](#opts-proxy) - Proxy agent +* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for. +* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts) +* [`opts.localAddress`](#opts-local-address) +* [`opts.maxSockets`](#opts-max-sockets) +* [`opts.retry`](#opts-retry) - Request retry settings +* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted +* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. + +#### `> opts.cacheManager` + +Either a `String` or a `Cache`. If the former, it will be assumed to be a `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache). + +If an object is provided, it will be assumed to be a compliant [`Cache` instance](https://developer.mozilla.org/en-US/docs/Web/API/Cache). Only `Cache.match()`, `Cache.put()`, and `Cache.delete()` are required. Options objects will not be passed in to `match()` or `delete()`. + +By implementing this API, you can customize the storage backend for make-fetch-happen itself -- for example, you could implement a cache that uses `redis` for caching, or simply keeps everything in memory. Most of the caching logic exists entirely on the make-fetch-happen side, so the only thing you need to worry about is reading, writing, and deleting, as well as making sure `fetch.Response` objects are what gets returned. + +You can refer to `cache.js` in the make-fetch-happen source code for a reference implementation. + +**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written. + +The default cache manager also adds the following headers to cached responses: + +* `X-Local-Cache`: Path to the cache the content was found in +* `X-Local-Cache-Key`: Unique cache entry key for this response +* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry +* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry + +Using [`cacache`](https://npm.im/cacache), a call like this may be used to +manually fetch the cached entry: + +```javascript +const h = response.headers +cacache.get(h.get('x-local-cache'), h.get('x-local-cache-key')) + +// grab content only, directly: +cacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash')) +``` + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + cacheManager: './my-local-cache' +}) // -> 200-level response will be written to disk + +fetch('https://npm.im/cacache', { + cacheManager: new MyCustomRedisCache(process.env.PORT) +}) // -> 200-level response will be written to redis +``` + +A possible (minimal) implementation for `MyCustomRedisCache`: + +```javascript +const bluebird = require('bluebird') +const redis = require("redis") +bluebird.promisifyAll(redis.RedisClient.prototype) +class MyCustomRedisCache { + constructor (opts) { + this.redis = redis.createClient(opts) + } + match (req) { + return this.redis.getAsync(req.url).then(res => { + if (res) { + const parsed = JSON.parse(res) + return new fetch.Response(parsed.body, { + url: req.url, + headers: parsed.headers, + status: 200 + }) + } + }) + } + put (req, res) { + return res.buffer().then(body => { + return this.redis.setAsync(req.url, JSON.stringify({ + body: body, + headers: res.headers.raw() + })) + }).then(() => { + // return the response itself + return res + }) + } + 'delete' (req) { + return this.redis.unlinkAsync(req.url) + } +} +``` + +#### `> opts.cache` + +This option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cacheManager`](#opts-cache-manager) is null. The following values are accepted (as strings): + +* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned. +* `no-store` - Fetch behaves as if there is no HTTP cache at all. +* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response. +* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response. +* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response. +* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is "same-origin". Any cached redirects will be followed assuming request’s redirect mode is "follow" and the redirects do not violate request’s mode.) + +(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch) + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' +}) + +// Will error with ENOTCACHED if we haven't already cached this url +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'only-if-cached' +}) + +// Will refresh any local content and cache the new response +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'reload' +}) + +// Will use any local data, even if stale. Otherwise, will hit network. +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'force-cache' +}) +``` + +#### `> opts.proxy` + +A string or `url.parse`-d URI to proxy through. Different Proxy handlers will be +used depending on the proxy's protocol. + +Additionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and +`process.env.PROXY` are used if present and no `opts.proxy` value is provided. + +(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: 'https://corporate.yourcompany.proxy:4445' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: { + protocol: 'https:', + hostname: 'corporate.yourcompany.proxy', + port: 4445 + } +}) +``` + +#### `> opts.noProxy` + +If present, should be a comma-separated string or an array of domain extensions +that a proxy should _not_ be used for. + +This option may also be provided through `process.env.NO_PROXY`. + +#### `> opts.ca, opts.cert, opts.key, opts.strictSSL` + +These values are passed in directly to the HTTPS agent and will be used for both +proxied and unproxied outgoing HTTPS requests. They mostly correspond to the +same options the `https` module accepts, which will be themselves passed to +`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`. + +#### `> opts.localAddress` + +Passed directly to `http` and `https` request calls. Determines the local +address to bind to. + +#### `> opts.maxSockets` + +Default: 15 + +Maximum number of active concurrent sockets to use for the underlying +Http/Https/Proxy agents. This setting applies once per spawned agent. + +15 is probably a _pretty good value_ for most use-cases, and balances speed +with, uh, not knocking out people's routers. 🤓 + +#### `> opts.retry` + +An object that can be used to tune request retry settings. Retries will only be attempted on the following conditions: + +* Request method is NOT `POST` AND +* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR +* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`. + +The following are worth noting as explicitly not retried: + +* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately. +* `ECONNRESET` currently has no support for restarting. It will eventually be supported but requires a bit more juggling due to streaming. + +If `opts.retry` is `false`, it is equivalent to `{retries: 0}` + +If `opts.retry` is a number, it is equivalent to `{retries: num}` + +The following retry options are available if you want more control over it: + +* retries +* factor +* minTimeout +* maxTimeout +* randomize + +For details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + retry: { + retries: 10, + randomize: true + } +}) + +fetch('http://reliable.site.com', { + retry: false +}) + +fetch('http://one-more.site.com', { + retry: 3 +}) +``` + +#### `> opts.onRetry` + +A function called whenever a retry is attempted. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + onRetry() { + console.log('we will retry!') + } +}) +``` + +#### `> opts.integrity` + +Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error. + +`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // -> ok + +fetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // Error: EINTEGRITY +``` + +### Message From Our Sponsors + +![](stop.gif) + +![](happening.gif) diff --git a/node_modules/libnpmhook/node_modules/make-fetch-happen/agent.js b/node_modules/libnpmhook/node_modules/make-fetch-happen/agent.js new file mode 100644 index 0000000000000..55675946ad97d --- /dev/null +++ b/node_modules/libnpmhook/node_modules/make-fetch-happen/agent.js @@ -0,0 +1,171 @@ +'use strict' +const LRU = require('lru-cache') +const url = require('url') + +let AGENT_CACHE = new LRU({ max: 50 }) +let HttpsAgent +let HttpAgent + +module.exports = getAgent + +function getAgent (uri, opts) { + const parsedUri = url.parse(typeof uri === 'string' ? uri : uri.url) + const isHttps = parsedUri.protocol === 'https:' + const pxuri = getProxyUri(uri, opts) + + const key = [ + `https:${isHttps}`, + pxuri + ? `proxy:${pxuri.protocol}//${pxuri.host}:${pxuri.port}` + : '>no-proxy<', + `local-address:${opts.localAddress || '>no-local-address<'}`, + `strict-ssl:${isHttps ? !!opts.strictSSL : '>no-strict-ssl<'}`, + `ca:${(isHttps && opts.ca) || '>no-ca<'}`, + `cert:${(isHttps && opts.cert) || '>no-cert<'}`, + `key:${(isHttps && opts.key) || '>no-key<'}` + ].join(':') + + if (opts.agent != null) { // `agent: false` has special behavior! + return opts.agent + } + + if (AGENT_CACHE.peek(key)) { + return AGENT_CACHE.get(key) + } + + if (pxuri) { + const proxy = getProxy(pxuri, opts, isHttps) + AGENT_CACHE.set(key, proxy) + return proxy + } + + if (isHttps && !HttpsAgent) { + HttpsAgent = require('agentkeepalive').HttpsAgent + } else if (!isHttps && !HttpAgent) { + HttpAgent = require('agentkeepalive') + } + + // If opts.timeout is zero, set the agentTimeout to zero as well. A timeout + // of zero disables the timeout behavior (OS limits still apply). Else, if + // opts.timeout is a non-zero value, set it to timeout + 1, to ensure that + // the node-fetch-npm timeout will always fire first, giving us more + // consistent errors. + const agentTimeout = opts.timeout === 0 ? 0 : opts.timeout + 1 + + const agent = isHttps ? new HttpsAgent({ + maxSockets: opts.maxSockets || 15, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + localAddress: opts.localAddress, + rejectUnauthorized: opts.strictSSL, + timeout: agentTimeout + }) : new HttpAgent({ + maxSockets: opts.maxSockets || 15, + localAddress: opts.localAddress, + timeout: agentTimeout + }) + AGENT_CACHE.set(key, agent) + return agent +} + +function checkNoProxy (uri, opts) { + const host = url.parse(uri).hostname.split('.').reverse() + let noproxy = (opts.noProxy || getProcessEnv('no_proxy')) + if (typeof noproxy === 'string') { + noproxy = noproxy.split(/\s*,\s*/g) + } + return noproxy && noproxy.some(no => { + const noParts = no.split('.').filter(x => x).reverse() + if (!noParts.length) { return false } + for (let i = 0; i < noParts.length; i++) { + if (host[i] !== noParts[i]) { + return false + } + } + return true + }) +} + +module.exports.getProcessEnv = getProcessEnv + +function getProcessEnv (env) { + if (!env) { return } + + let value + + if (Array.isArray(env)) { + for (let e of env) { + value = process.env[e] || + process.env[e.toUpperCase()] || + process.env[e.toLowerCase()] + if (typeof value !== 'undefined') { break } + } + } + + if (typeof env === 'string') { + value = process.env[env] || + process.env[env.toUpperCase()] || + process.env[env.toLowerCase()] + } + + return value +} + +function getProxyUri (uri, opts) { + const protocol = url.parse(uri).protocol + + const proxy = opts.proxy || ( + protocol === 'https:' && getProcessEnv('https_proxy') + ) || ( + protocol === 'http:' && getProcessEnv(['https_proxy', 'http_proxy', 'proxy']) + ) + if (!proxy) { return null } + + const parsedProxy = (typeof proxy === 'string') ? url.parse(proxy) : proxy + + return !checkNoProxy(uri, opts) && parsedProxy +} + +let HttpProxyAgent +let HttpsProxyAgent +let SocksProxyAgent +function getProxy (proxyUrl, opts, isHttps) { + let popts = { + host: proxyUrl.hostname, + port: proxyUrl.port, + protocol: proxyUrl.protocol, + path: proxyUrl.path, + auth: proxyUrl.auth, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + timeout: opts.timeout === 0 ? 0 : opts.timeout + 1, + localAddress: opts.localAddress, + maxSockets: opts.maxSockets || 15, + rejectUnauthorized: opts.strictSSL + } + + if (proxyUrl.protocol === 'http:' || proxyUrl.protocol === 'https:') { + if (!isHttps) { + if (!HttpProxyAgent) { + HttpProxyAgent = require('http-proxy-agent') + } + + return new HttpProxyAgent(popts) + } else { + if (!HttpsProxyAgent) { + HttpsProxyAgent = require('https-proxy-agent') + } + + return new HttpsProxyAgent(popts) + } + } + if (proxyUrl.protocol.startsWith('socks')) { + if (!SocksProxyAgent) { + SocksProxyAgent = require('socks-proxy-agent') + } + + return new SocksProxyAgent(popts) + } +} diff --git a/node_modules/libnpmhook/node_modules/make-fetch-happen/cache.js b/node_modules/libnpmhook/node_modules/make-fetch-happen/cache.js new file mode 100644 index 0000000000000..0c519e69fbe81 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/make-fetch-happen/cache.js @@ -0,0 +1,249 @@ +'use strict' + +const cacache = require('cacache') +const fetch = require('node-fetch-npm') +const pipe = require('mississippi').pipe +const ssri = require('ssri') +const through = require('mississippi').through +const to = require('mississippi').to +const url = require('url') +const stream = require('stream') + +const MAX_MEM_SIZE = 5 * 1024 * 1024 // 5MB + +function cacheKey (req) { + const parsed = url.parse(req.url) + return `make-fetch-happen:request-cache:${ + url.format({ + protocol: parsed.protocol, + slashes: parsed.slashes, + host: parsed.host, + hostname: parsed.hostname, + pathname: parsed.pathname + }) + }` +} + +// This is a cacache-based implementation of the Cache standard, +// using node-fetch. +// docs: https://developer.mozilla.org/en-US/docs/Web/API/Cache +// +module.exports = class Cache { + constructor (path, opts) { + this._path = path + this._uid = opts && opts.uid + this._gid = opts && opts.gid + this.Promise = (opts && opts.Promise) || Promise + } + + // Returns a Promise that resolves to the response associated with the first + // matching request in the Cache object. + match (req, opts) { + opts = opts || {} + const key = cacheKey(req) + return cacache.get.info(this._path, key).then(info => { + return info && cacache.get.hasContent( + this._path, info.integrity, opts + ).then(exists => exists && info) + }).then(info => { + if (info && info.metadata && matchDetails(req, { + url: info.metadata.url, + reqHeaders: new fetch.Headers(info.metadata.reqHeaders), + resHeaders: new fetch.Headers(info.metadata.resHeaders), + cacheIntegrity: info.integrity, + integrity: opts && opts.integrity + })) { + const resHeaders = new fetch.Headers(info.metadata.resHeaders) + addCacheHeaders(resHeaders, this._path, key, info.integrity, info.time) + if (req.method === 'HEAD') { + return new fetch.Response(null, { + url: req.url, + headers: resHeaders, + status: 200 + }) + } + let body + const cachePath = this._path + // avoid opening cache file handles until a user actually tries to + // read from it. + if (opts.memoize !== false && info.size > MAX_MEM_SIZE) { + body = new stream.PassThrough() + const realRead = body._read + body._read = function (size) { + body._read = realRead + pipe( + cacache.get.stream.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }), + body, + err => body.emit(err)) + return realRead.call(this, size) + } + } else { + let readOnce = false + // cacache is much faster at bulk reads + body = new stream.Readable({ + read () { + if (readOnce) return this.push(null) + readOnce = true + cacache.get.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }).then(data => { + this.push(data) + this.push(null) + }, err => this.emit('error', err)) + } + }) + } + return this.Promise.resolve(new fetch.Response(body, { + url: req.url, + headers: resHeaders, + status: 200, + size: info.size + })) + } + }) + } + + // Takes both a request and its response and adds it to the given cache. + put (req, response, opts) { + opts = opts || {} + const size = response.headers.get('content-length') + const fitInMemory = !!size && opts.memoize !== false && size < MAX_MEM_SIZE + const ckey = cacheKey(req) + const cacheOpts = { + algorithms: opts.algorithms, + metadata: { + url: req.url, + reqHeaders: req.headers.raw(), + resHeaders: response.headers.raw() + }, + uid: this._uid, + gid: this._gid, + size, + memoize: fitInMemory && opts.memoize + } + if (req.method === 'HEAD' || response.status === 304) { + // Update metadata without writing + return cacache.get.info(this._path, ckey).then(info => { + // Providing these will bypass content write + cacheOpts.integrity = info.integrity + addCacheHeaders( + response.headers, this._path, ckey, info.integrity, info.time + ) + return new this.Promise((resolve, reject) => { + pipe( + cacache.get.stream.byDigest(this._path, info.integrity, cacheOpts), + cacache.put.stream(this._path, cacheKey(req), cacheOpts), + err => err ? reject(err) : resolve(response) + ) + }) + }).then(() => response) + } + let buf = [] + let bufSize = 0 + let cacheTargetStream = false + const cachePath = this._path + let cacheStream = to((chunk, enc, cb) => { + if (!cacheTargetStream) { + if (fitInMemory) { + cacheTargetStream = + to({highWaterMark: MAX_MEM_SIZE}, (chunk, enc, cb) => { + buf.push(chunk) + bufSize += chunk.length + cb() + }, done => { + cacache.put( + cachePath, + cacheKey(req), + Buffer.concat(buf, bufSize), + cacheOpts + ).then( + () => done(), + done + ) + }) + } else { + cacheTargetStream = + cacache.put.stream(cachePath, cacheKey(req), cacheOpts) + } + } + cacheTargetStream.write(chunk, enc, cb) + }, done => { + cacheTargetStream ? cacheTargetStream.end(done) : done() + }) + const oldBody = response.body + const newBody = through({highWaterMark: fitInMemory && MAX_MEM_SIZE}) + response.body = newBody + oldBody.once('error', err => newBody.emit('error', err)) + newBody.once('error', err => oldBody.emit('error', err)) + cacheStream.once('error', err => newBody.emit('error', err)) + pipe(oldBody, to((chunk, enc, cb) => { + cacheStream.write(chunk, enc, () => { + newBody.write(chunk, enc, cb) + }) + }, done => { + cacheStream.end(() => { + newBody.end(() => { + done() + }) + }) + }), err => err && newBody.emit('error', err)) + return response + } + + // Finds the Cache entry whose key is the request, and if found, deletes the + // Cache entry and returns a Promise that resolves to true. If no Cache entry + // is found, it returns false. + 'delete' (req, opts) { + opts = opts || {} + if (typeof opts.memoize === 'object') { + if (opts.memoize.reset) { + opts.memoize.reset() + } else if (opts.memoize.clear) { + opts.memoize.clear() + } else { + Object.keys(opts.memoize).forEach(k => { + opts.memoize[k] = null + }) + } + } + return cacache.rm.entry( + this._path, + cacheKey(req) + // TODO - true/false + ).then(() => false) + } +} + +function matchDetails (req, cached) { + const reqUrl = url.parse(req.url) + const cacheUrl = url.parse(cached.url) + const vary = cached.resHeaders.get('Vary') + // https://tools.ietf.org/html/rfc7234#section-4.1 + if (vary) { + if (vary.match(/\*/)) { + return false + } else { + const fieldsMatch = vary.split(/\s*,\s*/).every(field => { + return cached.reqHeaders.get(field) === req.headers.get(field) + }) + if (!fieldsMatch) { + return false + } + } + } + if (cached.integrity) { + return ssri.parse(cached.integrity).match(cached.cacheIntegrity) + } + reqUrl.hash = null + cacheUrl.hash = null + return url.format(reqUrl) === url.format(cacheUrl) +} + +function addCacheHeaders (resHeaders, path, key, hash, time) { + resHeaders.set('X-Local-Cache', encodeURIComponent(path)) + resHeaders.set('X-Local-Cache-Key', encodeURIComponent(key)) + resHeaders.set('X-Local-Cache-Hash', encodeURIComponent(hash)) + resHeaders.set('X-Local-Cache-Time', new Date(time).toUTCString()) +} diff --git a/node_modules/libnpmhook/node_modules/make-fetch-happen/index.js b/node_modules/libnpmhook/node_modules/make-fetch-happen/index.js new file mode 100644 index 0000000000000..0f2c164e19f28 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/make-fetch-happen/index.js @@ -0,0 +1,482 @@ +'use strict' + +let Cache +const url = require('url') +const CachePolicy = require('http-cache-semantics') +const fetch = require('node-fetch-npm') +const pkg = require('./package.json') +const retry = require('promise-retry') +let ssri +const Stream = require('stream') +const getAgent = require('./agent') +const setWarning = require('./warning') + +const isURL = /^https?:/ +const USER_AGENT = `${pkg.name}/${pkg.version} (+https://npm.im/${pkg.name})` + +const RETRY_ERRORS = [ + 'ECONNRESET', // remote socket closed on us + 'ECONNREFUSED', // remote host refused to open connection + 'EADDRINUSE', // failed to bind to a local port (proxy?) + 'ETIMEDOUT' // someone in the transaction is WAY TOO SLOW + // Known codes we do NOT retry on: + // ENOTFOUND (getaddrinfo failure. Either bad hostname, or offline) +] + +const RETRY_TYPES = [ + 'request-timeout' +] + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +module.exports = cachingFetch +cachingFetch.defaults = function (_uri, _opts) { + const fetch = this + if (typeof _uri === 'object') { + _opts = _uri + _uri = null + } + + function defaultedFetch (uri, opts) { + const finalOpts = Object.assign({}, _opts || {}, opts || {}) + return fetch(uri || _uri, finalOpts) + } + + defaultedFetch.defaults = fetch.defaults + defaultedFetch.delete = fetch.delete + return defaultedFetch +} + +cachingFetch.delete = cacheDelete +function cacheDelete (uri, opts) { + opts = configureOptions(opts) + if (opts.cacheManager) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + return opts.cacheManager.delete(req, opts) + } +} + +function initializeCache (opts) { + if (typeof opts.cacheManager === 'string') { + if (!Cache) { + // Default cacache-based cache + Cache = require('./cache') + } + + opts.cacheManager = new Cache(opts.cacheManager, opts) + } + + opts.cache = opts.cache || 'default' + + if (opts.cache === 'default' && isHeaderConditional(opts.headers)) { + // If header list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, fetch will set cache + // mode to "no-store" if it is "default". + opts.cache = 'no-store' + } +} + +function configureOptions (_opts) { + const opts = Object.assign({}, _opts || {}) + opts.method = (opts.method || 'GET').toUpperCase() + + if (opts.retry && typeof opts.retry === 'number') { + opts.retry = { retries: opts.retry } + } + + if (opts.retry === false) { + opts.retry = { retries: 0 } + } + + if (opts.cacheManager) { + initializeCache(opts) + } + + return opts +} + +function initializeSsri () { + if (!ssri) { + ssri = require('ssri') + } +} + +function cachingFetch (uri, _opts) { + const opts = configureOptions(_opts) + + if (opts.integrity) { + initializeSsri() + // if verifying integrity, node-fetch must not decompress + opts.compress = false + } + + const isCachable = (opts.method === 'GET' || opts.method === 'HEAD') && + opts.cacheManager && + opts.cache !== 'no-store' && + opts.cache !== 'reload' + + if (isCachable) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + + return opts.cacheManager.match(req, opts).then(res => { + if (res) { + const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) + if (warningCode && +warningCode >= 100 && +warningCode < 200) { + // https://tools.ietf.org/html/rfc7234#section-4.3.4 + // + // If a stored response is selected for update, the cache MUST: + // + // * delete any Warning header fields in the stored response with + // warn-code 1xx (see Section 5.5); + // + // * retain any Warning header fields in the stored response with + // warn-code 2xx; + // + res.headers.delete('Warning') + } + + if (opts.cache === 'default' && !isStale(req, res)) { + return res + } + + if (opts.cache === 'default' || opts.cache === 'no-cache') { + return conditionalFetch(req, res, opts) + } + + if (opts.cache === 'force-cache' || opts.cache === 'only-if-cached') { + // 112 Disconnected operation + // SHOULD be included if the cache is intentionally disconnected from + // the rest of the network for a period of time. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(res, 112, 'Disconnected operation') + return res + } + } + + if (!res && opts.cache === 'only-if-cached') { + const errorMsg = `request to ${ + uri + } failed: cache mode is 'only-if-cached' but no cached response available.` + + const err = new Error(errorMsg) + err.code = 'ENOTCACHED' + throw err + } + + // Missing cache entry, or mode is default (if stale), reload, no-store + return remoteFetch(req.url, opts) + }) + } + + return remoteFetch(uri, opts) +} + +function iterableToObject (iter) { + const obj = {} + for (let k of iter.keys()) { + obj[k] = iter.get(k) + } + return obj +} + +function makePolicy (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + const _res = { + status: res.status, + headers: iterableToObject(res.headers) + } + + return new CachePolicy(_req, _res, { shared: false }) +} + +// https://tools.ietf.org/html/rfc7234#section-4.2 +function isStale (req, res) { + if (!res) { + return null + } + + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + + const policy = makePolicy(req, res) + + const responseTime = res.headers.get('x-local-cache-time') || + res.headers.get('date') || + 0 + + policy._responseTime = new Date(responseTime) + + const bool = !policy.satisfiesWithoutRevalidation(_req) + return bool +} + +function mustRevalidate (res) { + return (res.headers.get('cache-control') || '').match(/must-revalidate/i) +} + +function conditionalFetch (req, cachedRes, opts) { + const _req = { + url: req.url, + method: req.method, + headers: Object.assign({}, opts.headers || {}) + } + + const policy = makePolicy(req, cachedRes) + opts.headers = policy.revalidationHeaders(_req) + + return remoteFetch(req.url, opts) + .then(condRes => { + const revalidatedPolicy = policy.revalidatedPolicy(_req, { + status: condRes.status, + headers: iterableToObject(condRes.headers) + }) + + if (condRes.status >= 500 && !mustRevalidate(cachedRes)) { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + return cachedRes + } + + if (condRes.status === 304) { // 304 Not Modified + condRes.body = cachedRes.body + return opts.cacheManager.put(req, condRes, opts) + .then(newRes => { + newRes.headers = new fetch.Headers(revalidatedPolicy.policy.responseHeaders()) + return newRes + }) + } + + return condRes + }) + .then(res => res) + .catch(err => { + if (mustRevalidate(cachedRes)) { + throw err + } else { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + // 199 Miscellaneous warning + // The warning text MAY include arbitrary information to be presented to + // a human user, or logged. A system receiving this warning MUST NOT take + // any automated action, besides presenting the warning to the user. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning( + cachedRes, + 199, + `Miscellaneous Warning ${err.code}: ${err.message}` + ) + + return cachedRes + } + }) +} + +function remoteFetchHandleIntegrity (res, integrity) { + const oldBod = res.body + const newBod = ssri.integrityStream({ + integrity + }) + oldBod.pipe(newBod) + res.body = newBod + oldBod.once('error', err => { + newBod.emit('error', err) + }) + newBod.once('error', err => { + oldBod.emit('error', err) + }) +} + +function remoteFetch (uri, opts) { + const agent = getAgent(uri, opts) + const headers = Object.assign({ + 'connection': agent ? 'keep-alive' : 'close', + 'user-agent': USER_AGENT + }, opts.headers || {}) + + const reqOpts = { + agent, + body: opts.body, + compress: opts.compress, + follow: opts.follow, + headers: new fetch.Headers(headers), + method: opts.method, + redirect: 'manual', + size: opts.size, + counter: opts.counter, + timeout: opts.timeout + } + + return retry( + (retryHandler, attemptNum) => { + const req = new fetch.Request(uri, reqOpts) + return fetch(req) + .then(res => { + res.headers.set('x-fetch-attempts', attemptNum) + + if (opts.integrity) { + remoteFetchHandleIntegrity(res, opts.integrity) + } + + const isStream = req.body instanceof Stream + + if (opts.cacheManager) { + const isMethodGetHead = req.method === 'GET' || + req.method === 'HEAD' + + const isCachable = opts.cache !== 'no-store' && + isMethodGetHead && + makePolicy(req, res).storable() && + res.status === 200 // No other statuses should be stored! + + if (isCachable) { + return opts.cacheManager.put(req, res, opts) + } + + if (!isMethodGetHead) { + return opts.cacheManager.delete(req).then(() => { + if (res.status >= 500 && req.method !== 'POST' && !isStream) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + return res + }) + } + } + + const isRetriable = req.method !== 'POST' && + !isStream && ( + res.status === 408 || // Request Timeout + res.status === 420 || // Enhance Your Calm (usually Twitter rate-limit) + res.status === 429 || // Too Many Requests ("standard" rate-limiting) + res.status >= 500 // Assume server errors are momentary hiccups + ) + + if (isRetriable) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + if (!fetch.isRedirect(res.status) || opts.redirect === 'manual') { + return res + } + + // handle redirects - matches behavior of npm-fetch: https://github.com/bitinn/node-fetch + if (opts.redirect === 'error') { + const err = new Error(`redirect mode is set to error: ${uri}`) + err.code = 'ENOREDIRECT' + throw err + } + + if (!res.headers.get('location')) { + const err = new Error(`redirect location header missing at: ${uri}`) + err.code = 'EINVALIDREDIRECT' + throw err + } + + if (req.counter >= req.follow) { + const err = new Error(`maximum redirect reached at: ${uri}`) + err.code = 'EMAXREDIRECT' + throw err + } + + const resolvedUrl = url.resolve(req.url, res.headers.get('location')) + let redirectURL = url.parse(resolvedUrl) + + if (isURL.test(res.headers.get('location'))) { + redirectURL = url.parse(res.headers.get('location')) + } + + // Remove authorization if changing hostnames (but not if just + // changing ports or protocols). This matches the behavior of request: + // https://github.com/request/request/blob/b12a6245/lib/redirect.js#L134-L138 + if (url.parse(req.url).hostname !== redirectURL.hostname) { + req.headers.delete('authorization') + } + + // for POST request with 301/302 response, or any request with 303 response, + // use GET when following redirect + if (res.status === 303 || + ((res.status === 301 || res.status === 302) && req.method === 'POST')) { + opts.method = 'GET' + opts.body = null + req.headers.delete('content-length') + } + + opts.headers = {} + req.headers.forEach((value, name) => { + opts.headers[name] = value + }) + + opts.counter = ++req.counter + return cachingFetch(resolvedUrl, opts) + }) + .catch(err => { + const code = err.code === 'EPROMISERETRY' ? err.retried.code : err.code + + const isRetryError = RETRY_ERRORS.indexOf(code) === -1 && + RETRY_TYPES.indexOf(err.type) === -1 + + if (req.method === 'POST' || isRetryError) { + throw err + } + + if (typeof opts.onRetry === 'function') { + opts.onRetry(err) + } + + return retryHandler(err) + }) + }, + opts.retry + ).catch(err => { + if (err.status >= 400) { + return err + } + + throw err + }) +} + +function isHeaderConditional (headers) { + if (!headers || typeof headers !== 'object') { + return false + } + + const modifiers = [ + 'if-modified-since', + 'if-none-match', + 'if-unmodified-since', + 'if-match', + 'if-range' + ] + + return Object.keys(headers) + .some(h => modifiers.indexOf(h.toLowerCase()) !== -1) +} diff --git a/node_modules/libnpmhook/node_modules/make-fetch-happen/package.json b/node_modules/libnpmhook/node_modules/make-fetch-happen/package.json new file mode 100644 index 0000000000000..bf110031ed7c2 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/make-fetch-happen/package.json @@ -0,0 +1,94 @@ +{ + "_from": "make-fetch-happen@^4.0.2", + "_id": "make-fetch-happen@4.0.2", + "_inBundle": false, + "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "_location": "/libnpmhook/make-fetch-happen", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "make-fetch-happen@^4.0.2", + "name": "make-fetch-happen", + "escapedName": "make-fetch-happen", + "rawSpec": "^4.0.2", + "saveSpec": null, + "fetchSpec": "^4.0.2" + }, + "_requiredBy": [ + "/libnpmhook/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", + "_spec": "make-fetch-happen@^4.0.2", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmhook/node_modules/npm-registry-fetch", + "author": { + "name": "Kat Marchán", + "email": "kzm@zkat.tech" + }, + "bugs": { + "url": "https://github.com/zkat/make-fetch-happen/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + }, + "deprecated": false, + "description": "Opinionated, caching, retrying fetch client", + "devDependencies": { + "bluebird": "^3.5.1", + "mkdirp": "^0.5.1", + "nock": "^9.2.3", + "npmlog": "^4.1.2", + "require-inject": "^1.4.2", + "rimraf": "^2.6.2", + "safe-buffer": "^5.1.1", + "standard": "^11.0.1", + "standard-version": "^4.3.0", + "tacks": "^1.2.6", + "tap": "^12.7.0", + "weallbehave": "^1.0.0", + "weallcontribute": "^1.0.7" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/zkat/make-fetch-happen#readme", + "keywords": [ + "http", + "request", + "fetch", + "mean girls", + "caching", + "cache", + "subresource integrity" + ], + "license": "ISC", + "main": "index.js", + "name": "make-fetch-happen", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/make-fetch-happen.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap --coverage --nyc-arg=--all --timeout=35 -J test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmhook/node_modules/make-fetch-happen/warning.js b/node_modules/libnpmhook/node_modules/make-fetch-happen/warning.js new file mode 100644 index 0000000000000..b8f13cf83195a --- /dev/null +++ b/node_modules/libnpmhook/node_modules/make-fetch-happen/warning.js @@ -0,0 +1,24 @@ +const url = require('url') + +module.exports = setWarning + +function setWarning (reqOrRes, code, message, replace) { + // Warning = "Warning" ":" 1#warning-value + // warning-value = warn-code SP warn-agent SP warn-text [SP warn-date] + // warn-code = 3DIGIT + // warn-agent = ( host [ ":" port ] ) | pseudonym + // ; the name or pseudonym of the server adding + // ; the Warning header, for use in debugging + // warn-text = quoted-string + // warn-date = <"> HTTP-date <"> + // (https://tools.ietf.org/html/rfc2616#section-14.46) + const host = url.parse(reqOrRes.url).host + const jsonMessage = JSON.stringify(message) + const jsonDate = JSON.stringify(new Date().toUTCString()) + const header = replace ? 'set' : 'append' + + reqOrRes.headers[header]( + 'Warning', + `${code} ${host} ${jsonMessage} ${jsonDate}` + ) +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmhook/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..d24e026914c23 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,214 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmhook/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmhook/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..7fe5dacc94362 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,98 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gid': {}, + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'uid': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..4ba3c19243471 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,193 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout, + uid: opts.uid, + gid: opts.gid + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmhook/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..d1b368489ecbc --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^3.8.0", + "_id": "npm-registry-fetch@3.9.1", + "_inBundle": false, + "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_location": "/libnpmhook/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^3.8.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^3.8.0", + "saveSpec": null, + "fetchSpec": "^3.8.0" + }, + "_requiredBy": [ + "/libnpmhook" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", + "_spec": "npm-registry-fetch@^3.8.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmhook", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^11.3.3", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.9.1" +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmorg/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/libnpmorg/node_modules/make-fetch-happen/CHANGELOG.md new file mode 100644 index 0000000000000..a446842f55d80 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/make-fetch-happen/CHANGELOG.md @@ -0,0 +1,555 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [4.0.2](https://github.com/zkat/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) + + + + +## [4.0.1](https://github.com/zkat/make-fetch-happen/compare/v4.0.0...v4.0.1) (2018-04-12) + + +### Bug Fixes + +* **integrity:** use new sri.match() for verification ([4f371a0](https://github.com/zkat/make-fetch-happen/commit/4f371a0)) + + + + +# [4.0.0](https://github.com/zkat/make-fetch-happen/compare/v3.0.0...v4.0.0) (2018-04-09) + + +### meta + +* drop node@4, add node@9 ([7b0191a](https://github.com/zkat/make-fetch-happen/commit/7b0191a)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +# [3.0.0](https://github.com/zkat/make-fetch-happen/compare/v2.6.0...v3.0.0) (2018-03-12) + + +### Bug Fixes + +* **license:** switch to ISC ([#49](https://github.com/zkat/make-fetch-happen/issues/49)) ([bf90c6d](https://github.com/zkat/make-fetch-happen/commit/bf90c6d)) +* **standard:** standard@11 update ([ff0aa70](https://github.com/zkat/make-fetch-happen/commit/ff0aa70)) + + +### BREAKING CHANGES + +* **license:** license changed from CC0 to ISC. + + + + +# [2.6.0](https://github.com/zkat/make-fetch-happen/compare/v2.5.0...v2.6.0) (2017-11-14) + + +### Bug Fixes + +* **integrity:** disable node-fetch compress when checking integrity (#42) ([a7cc74c](https://github.com/zkat/make-fetch-happen/commit/a7cc74c)) + + +### Features + +* **onretry:** Add `options.onRetry` (#48) ([f90ccff](https://github.com/zkat/make-fetch-happen/commit/f90ccff)) + + + + +# [2.5.0](https://github.com/zkat/make-fetch-happen/compare/v2.4.13...v2.5.0) (2017-08-24) + + +### Bug Fixes + +* **agent:** support timeout durations greater than 30 seconds ([04875ae](https://github.com/zkat/make-fetch-happen/commit/04875ae)), closes [#35](https://github.com/zkat/make-fetch-happen/issues/35) + + +### Features + +* **cache:** export cache deletion functionality (#40) ([3da4250](https://github.com/zkat/make-fetch-happen/commit/3da4250)) + + + + +## [2.4.13](https://github.com/zkat/make-fetch-happen/compare/v2.4.12...v2.4.13) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump other deps for bugfixes ([eab8297](https://github.com/zkat/make-fetch-happen/commit/eab8297)) +* **proxy:** bump proxy deps with bugfixes (#32) ([632f860](https://github.com/zkat/make-fetch-happen/commit/632f860)), closes [#32](https://github.com/zkat/make-fetch-happen/issues/32) + + + + +## [2.4.12](https://github.com/zkat/make-fetch-happen/compare/v2.4.11...v2.4.12) (2017-06-06) + + +### Bug Fixes + +* **cache:** encode x-local-cache-etc headers to be header-safe ([dc9fb1b](https://github.com/zkat/make-fetch-happen/commit/dc9fb1b)) + + + + +## [2.4.11](https://github.com/zkat/make-fetch-happen/compare/v2.4.10...v2.4.11) (2017-06-05) + + +### Bug Fixes + +* **deps:** bump deps with ssri fix ([bef1994](https://github.com/zkat/make-fetch-happen/commit/bef1994)) + + + + +## [2.4.10](https://github.com/zkat/make-fetch-happen/compare/v2.4.9...v2.4.10) (2017-05-31) + + +### Bug Fixes + +* **deps:** bump dep versions with bugfixes ([0af4003](https://github.com/zkat/make-fetch-happen/commit/0af4003)) +* **proxy:** use auth parameter for proxy authentication (#30) ([c687306](https://github.com/zkat/make-fetch-happen/commit/c687306)) + + + + +## [2.4.9](https://github.com/zkat/make-fetch-happen/compare/v2.4.8...v2.4.9) (2017-05-25) + + +### Bug Fixes + +* **cache:** use the passed-in promise for resolving cache stuff ([4c46257](https://github.com/zkat/make-fetch-happen/commit/4c46257)) + + + + +## [2.4.8](https://github.com/zkat/make-fetch-happen/compare/v2.4.7...v2.4.8) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid/Promise through to cache ([a847c92](https://github.com/zkat/make-fetch-happen/commit/a847c92)) + + + + +## [2.4.7](https://github.com/zkat/make-fetch-happen/compare/v2.4.6...v2.4.7) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([fc2a587](https://github.com/zkat/make-fetch-happen/commit/fc2a587)) + + + + +## [2.4.6](https://github.com/zkat/make-fetch-happen/compare/v2.4.5...v2.4.6) (2017-05-24) + + +### Bug Fixes + +* **proxy:** choose agent for http(s)-proxy by protocol of destUrl ([ea4832a](https://github.com/zkat/make-fetch-happen/commit/ea4832a)) +* **proxy:** make socks proxy working ([1de810a](https://github.com/zkat/make-fetch-happen/commit/1de810a)) +* **proxy:** revert previous proxy solution ([563b0d8](https://github.com/zkat/make-fetch-happen/commit/563b0d8)) + + + + +## [2.4.5](https://github.com/zkat/make-fetch-happen/compare/v2.4.4...v2.4.5) (2017-05-24) + + +### Bug Fixes + +* **proxy:** use the destination url when determining agent ([1a714e7](https://github.com/zkat/make-fetch-happen/commit/1a714e7)) + + + + +## [2.4.4](https://github.com/zkat/make-fetch-happen/compare/v2.4.3...v2.4.4) (2017-05-23) + + +### Bug Fixes + +* **redirect:** handle redirects explicitly (#27) ([4c4af54](https://github.com/zkat/make-fetch-happen/commit/4c4af54)) + + + + +## [2.4.3](https://github.com/zkat/make-fetch-happen/compare/v2.4.2...v2.4.3) (2017-05-06) + + +### Bug Fixes + +* **redirect:** redirects now delete authorization if hosts fail to match ([c071805](https://github.com/zkat/make-fetch-happen/commit/c071805)) + + + + +## [2.4.2](https://github.com/zkat/make-fetch-happen/compare/v2.4.1...v2.4.2) (2017-05-04) + + +### Bug Fixes + +* **cache:** reduce race condition window by checking for content ([24544b1](https://github.com/zkat/make-fetch-happen/commit/24544b1)) +* **match:** Rewrite the conditional stream logic (#25) ([66bba4b](https://github.com/zkat/make-fetch-happen/commit/66bba4b)) + + + + +## [2.4.1](https://github.com/zkat/make-fetch-happen/compare/v2.4.0...v2.4.1) (2017-04-28) + + +### Bug Fixes + +* **memoization:** missed spots + allow passthrough of memo objs ([ac0cd12](https://github.com/zkat/make-fetch-happen/commit/ac0cd12)) + + + + +# [2.4.0](https://github.com/zkat/make-fetch-happen/compare/v2.3.0...v2.4.0) (2017-04-28) + + +### Bug Fixes + +* **memoize:** cacache had a broken memoizer ([8a9ed4c](https://github.com/zkat/make-fetch-happen/commit/8a9ed4c)) + + +### Features + +* **memoization:** only slurp stuff into memory if opts.memoize is not false ([0744adc](https://github.com/zkat/make-fetch-happen/commit/0744adc)) + + + + +# [2.3.0](https://github.com/zkat/make-fetch-happen/compare/v2.2.6...v2.3.0) (2017-04-27) + + +### Features + +* **agent:** added opts.strictSSL and opts.localAddress ([c35015a](https://github.com/zkat/make-fetch-happen/commit/c35015a)) +* **proxy:** Added opts.noProxy and NO_PROXY support ([f45c915](https://github.com/zkat/make-fetch-happen/commit/f45c915)) + + + + +## [2.2.6](https://github.com/zkat/make-fetch-happen/compare/v2.2.5...v2.2.6) (2017-04-26) + + +### Bug Fixes + +* **agent:** check uppercase & lowercase proxy env (#24) ([acf2326](https://github.com/zkat/make-fetch-happen/commit/acf2326)), closes [#22](https://github.com/zkat/make-fetch-happen/issues/22) +* **deps:** switch to node-fetch-npm and stop bundling ([3db603b](https://github.com/zkat/make-fetch-happen/commit/3db603b)) + + + + +## [2.2.5](https://github.com/zkat/make-fetch-happen/compare/v2.2.4...v2.2.5) (2017-04-23) + + +### Bug Fixes + +* **deps:** bump cacache and use its size feature ([926c1d3](https://github.com/zkat/make-fetch-happen/commit/926c1d3)) + + + + +## [2.2.4](https://github.com/zkat/make-fetch-happen/compare/v2.2.3...v2.2.4) (2017-04-18) + + +### Bug Fixes + +* **integrity:** hash verification issues fixed ([07f9402](https://github.com/zkat/make-fetch-happen/commit/07f9402)) + + + + +## [2.2.3](https://github.com/zkat/make-fetch-happen/compare/v2.2.2...v2.2.3) (2017-04-18) + + +### Bug Fixes + +* **staleness:** responses older than 8h were never stale :< ([b54dd75](https://github.com/zkat/make-fetch-happen/commit/b54dd75)) +* **warning:** remove spurious warning, make format more spec-compliant ([2e4f6bb](https://github.com/zkat/make-fetch-happen/commit/2e4f6bb)) + + + + +## [2.2.2](https://github.com/zkat/make-fetch-happen/compare/v2.2.1...v2.2.2) (2017-04-12) + + +### Bug Fixes + +* **retry:** stop retrying 404s ([6fafd53](https://github.com/zkat/make-fetch-happen/commit/6fafd53)) + + + + +## [2.2.1](https://github.com/zkat/make-fetch-happen/compare/v2.2.0...v2.2.1) (2017-04-10) + + +### Bug Fixes + +* **deps:** move test-only deps to devDeps ([2daaf80](https://github.com/zkat/make-fetch-happen/commit/2daaf80)) + + + + +# [2.2.0](https://github.com/zkat/make-fetch-happen/compare/v2.1.0...v2.2.0) (2017-04-09) + + +### Bug Fixes + +* **cache:** treat caches as private ([57b7dc2](https://github.com/zkat/make-fetch-happen/commit/57b7dc2)) + + +### Features + +* **retry:** accept shorthand retry settings ([dfed69d](https://github.com/zkat/make-fetch-happen/commit/dfed69d)) + + + + +# [2.1.0](https://github.com/zkat/make-fetch-happen/compare/v2.0.4...v2.1.0) (2017-04-09) + + +### Features + +* **cache:** cache now obeys Age and a variety of other things (#13) ([7b9652d](https://github.com/zkat/make-fetch-happen/commit/7b9652d)) + + + + +## [2.0.4](https://github.com/zkat/make-fetch-happen/compare/v2.0.3...v2.0.4) (2017-04-09) + + +### Bug Fixes + +* **agent:** accept Request as fetch input, not just strings ([b71669a](https://github.com/zkat/make-fetch-happen/commit/b71669a)) + + + + +## [2.0.3](https://github.com/zkat/make-fetch-happen/compare/v2.0.2...v2.0.3) (2017-04-09) + + +### Bug Fixes + +* **deps:** seriously ([c29e7e7](https://github.com/zkat/make-fetch-happen/commit/c29e7e7)) + + + + +## [2.0.2](https://github.com/zkat/make-fetch-happen/compare/v2.0.1...v2.0.2) (2017-04-09) + + +### Bug Fixes + +* **deps:** use bundleDeps instead ([c36ebf0](https://github.com/zkat/make-fetch-happen/commit/c36ebf0)) + + + + +## [2.0.1](https://github.com/zkat/make-fetch-happen/compare/v2.0.0...v2.0.1) (2017-04-09) + + +### Bug Fixes + +* **deps:** make sure node-fetch tarball included in release ([3bf49d1](https://github.com/zkat/make-fetch-happen/commit/3bf49d1)) + + + + +# [2.0.0](https://github.com/zkat/make-fetch-happen/compare/v1.7.0...v2.0.0) (2017-04-09) + + +### Bug Fixes + +* **deps:** manually pull in newer node-fetch to avoid babel prod dep ([66e5e87](https://github.com/zkat/make-fetch-happen/commit/66e5e87)) +* **retry:** be more specific about when we retry ([a47b782](https://github.com/zkat/make-fetch-happen/commit/a47b782)) + + +### Features + +* **agent:** add ca/cert/key support to auto-agent (#15) ([57585a7](https://github.com/zkat/make-fetch-happen/commit/57585a7)) + + +### BREAKING CHANGES + +* **agent:** pac proxies are no longer supported. +* **retry:** Retry logic has changes. + +* 404s, 420s, and 429s all retry now. +* ENOTFOUND no longer retries. +* Only ECONNRESET, ECONNREFUSED, EADDRINUSE, ETIMEDOUT, and `request-timeout` errors are retried. + + + + +# [1.7.0](https://github.com/zkat/make-fetch-happen/compare/v1.6.0...v1.7.0) (2017-04-08) + + +### Features + +* **cache:** add useful headers to inform users about cached data ([9bd7b00](https://github.com/zkat/make-fetch-happen/commit/9bd7b00)) + + + + +# [1.6.0](https://github.com/zkat/make-fetch-happen/compare/v1.5.1...v1.6.0) (2017-04-06) + + +### Features + +* **agent:** better, keepalive-supporting, default http agents ([16277f6](https://github.com/zkat/make-fetch-happen/commit/16277f6)) + + + + +## [1.5.1](https://github.com/zkat/make-fetch-happen/compare/v1.5.0...v1.5.1) (2017-04-05) + + +### Bug Fixes + +* **cache:** bump cacache for its fixed error messages ([2f2b916](https://github.com/zkat/make-fetch-happen/commit/2f2b916)) +* **cache:** fix handling of errors in cache reads ([5729222](https://github.com/zkat/make-fetch-happen/commit/5729222)) + + + + +# [1.5.0](https://github.com/zkat/make-fetch-happen/compare/v1.4.0...v1.5.0) (2017-04-04) + + +### Features + +* **retry:** retry requests on 408 timeouts, too ([8d8b5bd](https://github.com/zkat/make-fetch-happen/commit/8d8b5bd)) + + + + +# [1.4.0](https://github.com/zkat/make-fetch-happen/compare/v1.3.1...v1.4.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** stop relying on BB.catch ([2b04494](https://github.com/zkat/make-fetch-happen/commit/2b04494)) + + +### Features + +* **retry:** report retry attempt number as extra header ([fd50927](https://github.com/zkat/make-fetch-happen/commit/fd50927)) + + + + +## [1.3.1](https://github.com/zkat/make-fetch-happen/compare/v1.3.0...v1.3.1) (2017-04-04) + + +### Bug Fixes + +* **cache:** pretend cache entry is missing on ENOENT ([9c2bb26](https://github.com/zkat/make-fetch-happen/commit/9c2bb26)) + + + + +# [1.3.0](https://github.com/zkat/make-fetch-happen/compare/v1.2.1...v1.3.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** if metadata is missing for some odd reason, ignore the entry ([a021a6b](https://github.com/zkat/make-fetch-happen/commit/a021a6b)) + + +### Features + +* **cache:** add special headers when request was loaded straight from cache ([8a7dbd1](https://github.com/zkat/make-fetch-happen/commit/8a7dbd1)) +* **cache:** allow configuring algorithms to be calculated on insertion ([bf4a0f2](https://github.com/zkat/make-fetch-happen/commit/bf4a0f2)) + + + + +## [1.2.1](https://github.com/zkat/make-fetch-happen/compare/v1.2.0...v1.2.1) (2017-04-03) + + +### Bug Fixes + +* **integrity:** update cacache and ssri and change EBADCHECKSUM -> EINTEGRITY ([b6cf6f6](https://github.com/zkat/make-fetch-happen/commit/b6cf6f6)) + + + + +# [1.2.0](https://github.com/zkat/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) + + +### Features + +* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/zkat/make-fetch-happen/commit/a590159)) + + + + +# [1.1.0](https://github.com/zkat/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) + + +### Features + +* **opts:** fetch.defaults() for default options ([522a65e](https://github.com/zkat/make-fetch-happen/commit/522a65e)) + + + + +## [1.0.1](https://github.com/zkat/make-fetch-happen/compare/v1.0.0...v1.0.1) (2017-04-01) + + + + +# 1.0.0 (2017-04-01) + + +### Bug Fixes + +* **cache:** default on cache-control header ([b872a2c](https://github.com/zkat/make-fetch-happen/commit/b872a2c)) +* standard stuff and cache matching ([753f2c2](https://github.com/zkat/make-fetch-happen/commit/753f2c2)) +* **agent:** nudge around things with opts.agent ([ed62b57](https://github.com/zkat/make-fetch-happen/commit/ed62b57)) +* **agent:** {agent: false} has special behavior ([b8cc923](https://github.com/zkat/make-fetch-happen/commit/b8cc923)) +* **cache:** invalidation on non-GET ([fe78fac](https://github.com/zkat/make-fetch-happen/commit/fe78fac)) +* **cache:** make force-cache and only-if-cached work as expected ([f50e9df](https://github.com/zkat/make-fetch-happen/commit/f50e9df)) +* **cache:** more spec compliance ([d5a56db](https://github.com/zkat/make-fetch-happen/commit/d5a56db)) +* **cache:** only cache 200 gets ([0abb25a](https://github.com/zkat/make-fetch-happen/commit/0abb25a)) +* **cache:** only load cache code if cache opt is a string ([250fcd5](https://github.com/zkat/make-fetch-happen/commit/250fcd5)) +* **cache:** oops ([e3fa15a](https://github.com/zkat/make-fetch-happen/commit/e3fa15a)) +* **cache:** refactored warning removal into main file ([5b0a9f9](https://github.com/zkat/make-fetch-happen/commit/5b0a9f9)) +* **cache:** req constructor no longer needed in Cache ([5b74cbc](https://github.com/zkat/make-fetch-happen/commit/5b74cbc)) +* **cache:** standard fetch api calls cacheMode "cache" ([6fba805](https://github.com/zkat/make-fetch-happen/commit/6fba805)) +* **cache:** was using wrong method for non-GET/HEAD cache invalidation ([810763a](https://github.com/zkat/make-fetch-happen/commit/810763a)) +* **caching:** a bunch of cache-related fixes ([8ebda1d](https://github.com/zkat/make-fetch-happen/commit/8ebda1d)) +* **deps:** `cacache[@6](https://github.com/6).3.0` - race condition fixes ([9528442](https://github.com/zkat/make-fetch-happen/commit/9528442)) +* **freshness:** fix regex for cacheControl matching ([070db86](https://github.com/zkat/make-fetch-happen/commit/070db86)) +* **freshness:** fixed default freshness heuristic value ([5d29e88](https://github.com/zkat/make-fetch-happen/commit/5d29e88)) +* **logging:** remove console.log calls ([a1d0a47](https://github.com/zkat/make-fetch-happen/commit/a1d0a47)) +* **method:** node-fetch guarantees uppercase ([a1d68d6](https://github.com/zkat/make-fetch-happen/commit/a1d68d6)) +* **opts:** simplified opts handling ([516fd6e](https://github.com/zkat/make-fetch-happen/commit/516fd6e)) +* **proxy:** pass proxy option directly to ProxyAgent ([3398460](https://github.com/zkat/make-fetch-happen/commit/3398460)) +* **retry:** false -> {retries: 0} ([297fbb6](https://github.com/zkat/make-fetch-happen/commit/297fbb6)) +* **retry:** only retry put if body is not a stream ([a24e599](https://github.com/zkat/make-fetch-happen/commit/a24e599)) +* **retry:** skip retries if body is a stream for ANY method ([780c0f8](https://github.com/zkat/make-fetch-happen/commit/780c0f8)) + + +### Features + +* **api:** initial implementation -- can make and cache requests ([7d55b49](https://github.com/zkat/make-fetch-happen/commit/7d55b49)) +* **fetch:** injectable cache, and retry support ([87b84bf](https://github.com/zkat/make-fetch-happen/commit/87b84bf)) + + +### BREAKING CHANGES + +* **cache:** opts.cache -> opts.cacheManager; opts.cacheMode -> opts.cache +* **fetch:** opts.cache accepts a Cache-like obj or a path. Requests are now retried. +* **api:** actual api implemented diff --git a/node_modules/libnpmorg/node_modules/make-fetch-happen/LICENSE b/node_modules/libnpmorg/node_modules/make-fetch-happen/LICENSE new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/make-fetch-happen/LICENSE @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmorg/node_modules/make-fetch-happen/README.md b/node_modules/libnpmorg/node_modules/make-fetch-happen/README.md new file mode 100644 index 0000000000000..4d12d8dae7e31 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/make-fetch-happen/README.md @@ -0,0 +1,404 @@ +# make-fetch-happen [![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/zkat/make-fetch-happen.svg)](https://travis-ci.org/zkat/make-fetch-happen) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/make-fetch-happen?svg=true)](https://ci.appveyor.com/project/zkat/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/zkat/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/zkat/make-fetch-happen?branch=latest) + + +[`make-fetch-happen`](https://github.com/zkat/make-fetch-happen) is a Node.js +library that wraps [`node-fetch-npm`](https://github.com/npm/node-fetch-npm) with additional +features [`node-fetch`](https://github.com/bitinn/node-fetch) doesn't intend to include, including HTTP Cache support, request +pooling, proxies, retries, [and more](#features)! + +## Install + +`$ npm install --save make-fetch-happen` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.defaults`](#fetch-defaults) + * [`node-fetch` options](#node-fetch-options) + * [`make-fetch-happen` options](#extra-options) + * [`opts.cacheManager`](#opts-cache-manager) + * [`opts.cache`](#opts-cache) + * [`opts.proxy`](#opts-proxy) + * [`opts.noProxy`](#opts-no-proxy) + * [`opts.ca, opts.cert, opts.key`](#https-opts) + * [`opts.maxSockets`](#opts-max-sockets) + * [`opts.retry`](#opts-retry) + * [`opts.onRetry`](#opts-onretry) + * [`opts.integrity`](#opts-integrity) +* [Message From Our Sponsors](#wow) + +### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' // path where cache will be written (and read) +}) + +fetch('https://registry.npmjs.org/make-fetch-happen').then(res => { + return res.json() // download the body as JSON +}).then(body => { + console.log(`got ${body.name} from web`) + return fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'no-cache' // forces a conditional request + }) +}).then(res => { + console.log(res.status) // 304! cache validated! + return res.json().then(body => { + console.log(`got ${body.name} from cache`) + }) +}) +``` + +### Features + +* Builds around [`node-fetch`](https://npm.im/node-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation +* Request pooling out of the box +* Quite fast, really +* Automatic HTTP-semantics-aware request retries +* Cache-fallback automatic "offline mode" +* Proxy support (http, https, socks, socks4, socks5) +* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc). +* Customize cache storage with any [Cache API](https://developer.mozilla.org/en-US/docs/Web/API/Cache)-compliant `Cache` instance. Cache to Redis! +* Node.js Stream support +* Transparent gzip and deflate support +* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support +* Literally punches nazis +* (PENDING) Range request caching and resuming + +### Contributing + +The make-fetch-happen team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(uriOrRequest, [opts]) -> Promise` + +This function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response. + +If `opts` is provided, the [`node-fetch`-specific options](#node-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more. + +##### Example + +```javascript +fetch('https://google.com').then(res => res.buffer()) +``` + +#### `> fetch.defaults([defaultUrl], [defaultOpts])` + +Returns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls. + +A defaulted `fetch` will also have a `.defaults()` method, so they can be chained. + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-local-cache' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache +``` + +#### `> node-fetch options` + +The following options for `node-fetch` are used as-is: + +* method +* body +* redirect +* follow +* timeout +* compress +* size + +These other options are modified or augmented by make-fetch-happen: + +* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`. +* agent + * If agent is null, an http or https Agent will be automatically used. By default, these will be `http.globalAgent` and `https.globalAgent`. + * If [`opts.proxy`](#opts-proxy) is provided and `opts.agent` is null, the agent will be set to an appropriate proxy-handling agent. + * If `opts.agent` is an object, it will be used as the request-pooling agent argument for this request. + * If `opts.agent` is `false`, it will be passed as-is to the underlying request library. This causes a new Agent to be spawned for every request. + +For more details, see [the documentation for `node-fetch` itself](https://github.com/bitinn/node-fetch#options). + +#### `> make-fetch-happen options` + +make-fetch-happen augments the `node-fetch` API with additional features available through extra options. The following extra options are available: + +* [`opts.cacheManager`](#opts-cache-manager) - Cache target to read/write +* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*. +* [`opts.proxy`](#opts-proxy) - Proxy agent +* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for. +* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts) +* [`opts.localAddress`](#opts-local-address) +* [`opts.maxSockets`](#opts-max-sockets) +* [`opts.retry`](#opts-retry) - Request retry settings +* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted +* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. + +#### `> opts.cacheManager` + +Either a `String` or a `Cache`. If the former, it will be assumed to be a `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache). + +If an object is provided, it will be assumed to be a compliant [`Cache` instance](https://developer.mozilla.org/en-US/docs/Web/API/Cache). Only `Cache.match()`, `Cache.put()`, and `Cache.delete()` are required. Options objects will not be passed in to `match()` or `delete()`. + +By implementing this API, you can customize the storage backend for make-fetch-happen itself -- for example, you could implement a cache that uses `redis` for caching, or simply keeps everything in memory. Most of the caching logic exists entirely on the make-fetch-happen side, so the only thing you need to worry about is reading, writing, and deleting, as well as making sure `fetch.Response` objects are what gets returned. + +You can refer to `cache.js` in the make-fetch-happen source code for a reference implementation. + +**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written. + +The default cache manager also adds the following headers to cached responses: + +* `X-Local-Cache`: Path to the cache the content was found in +* `X-Local-Cache-Key`: Unique cache entry key for this response +* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry +* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry + +Using [`cacache`](https://npm.im/cacache), a call like this may be used to +manually fetch the cached entry: + +```javascript +const h = response.headers +cacache.get(h.get('x-local-cache'), h.get('x-local-cache-key')) + +// grab content only, directly: +cacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash')) +``` + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + cacheManager: './my-local-cache' +}) // -> 200-level response will be written to disk + +fetch('https://npm.im/cacache', { + cacheManager: new MyCustomRedisCache(process.env.PORT) +}) // -> 200-level response will be written to redis +``` + +A possible (minimal) implementation for `MyCustomRedisCache`: + +```javascript +const bluebird = require('bluebird') +const redis = require("redis") +bluebird.promisifyAll(redis.RedisClient.prototype) +class MyCustomRedisCache { + constructor (opts) { + this.redis = redis.createClient(opts) + } + match (req) { + return this.redis.getAsync(req.url).then(res => { + if (res) { + const parsed = JSON.parse(res) + return new fetch.Response(parsed.body, { + url: req.url, + headers: parsed.headers, + status: 200 + }) + } + }) + } + put (req, res) { + return res.buffer().then(body => { + return this.redis.setAsync(req.url, JSON.stringify({ + body: body, + headers: res.headers.raw() + })) + }).then(() => { + // return the response itself + return res + }) + } + 'delete' (req) { + return this.redis.unlinkAsync(req.url) + } +} +``` + +#### `> opts.cache` + +This option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cacheManager`](#opts-cache-manager) is null. The following values are accepted (as strings): + +* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned. +* `no-store` - Fetch behaves as if there is no HTTP cache at all. +* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response. +* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response. +* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response. +* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is "same-origin". Any cached redirects will be followed assuming request’s redirect mode is "follow" and the redirects do not violate request’s mode.) + +(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch) + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' +}) + +// Will error with ENOTCACHED if we haven't already cached this url +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'only-if-cached' +}) + +// Will refresh any local content and cache the new response +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'reload' +}) + +// Will use any local data, even if stale. Otherwise, will hit network. +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'force-cache' +}) +``` + +#### `> opts.proxy` + +A string or `url.parse`-d URI to proxy through. Different Proxy handlers will be +used depending on the proxy's protocol. + +Additionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and +`process.env.PROXY` are used if present and no `opts.proxy` value is provided. + +(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: 'https://corporate.yourcompany.proxy:4445' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: { + protocol: 'https:', + hostname: 'corporate.yourcompany.proxy', + port: 4445 + } +}) +``` + +#### `> opts.noProxy` + +If present, should be a comma-separated string or an array of domain extensions +that a proxy should _not_ be used for. + +This option may also be provided through `process.env.NO_PROXY`. + +#### `> opts.ca, opts.cert, opts.key, opts.strictSSL` + +These values are passed in directly to the HTTPS agent and will be used for both +proxied and unproxied outgoing HTTPS requests. They mostly correspond to the +same options the `https` module accepts, which will be themselves passed to +`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`. + +#### `> opts.localAddress` + +Passed directly to `http` and `https` request calls. Determines the local +address to bind to. + +#### `> opts.maxSockets` + +Default: 15 + +Maximum number of active concurrent sockets to use for the underlying +Http/Https/Proxy agents. This setting applies once per spawned agent. + +15 is probably a _pretty good value_ for most use-cases, and balances speed +with, uh, not knocking out people's routers. 🤓 + +#### `> opts.retry` + +An object that can be used to tune request retry settings. Retries will only be attempted on the following conditions: + +* Request method is NOT `POST` AND +* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR +* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`. + +The following are worth noting as explicitly not retried: + +* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately. +* `ECONNRESET` currently has no support for restarting. It will eventually be supported but requires a bit more juggling due to streaming. + +If `opts.retry` is `false`, it is equivalent to `{retries: 0}` + +If `opts.retry` is a number, it is equivalent to `{retries: num}` + +The following retry options are available if you want more control over it: + +* retries +* factor +* minTimeout +* maxTimeout +* randomize + +For details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + retry: { + retries: 10, + randomize: true + } +}) + +fetch('http://reliable.site.com', { + retry: false +}) + +fetch('http://one-more.site.com', { + retry: 3 +}) +``` + +#### `> opts.onRetry` + +A function called whenever a retry is attempted. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + onRetry() { + console.log('we will retry!') + } +}) +``` + +#### `> opts.integrity` + +Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error. + +`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // -> ok + +fetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // Error: EINTEGRITY +``` + +### Message From Our Sponsors + +![](stop.gif) + +![](happening.gif) diff --git a/node_modules/libnpmorg/node_modules/make-fetch-happen/agent.js b/node_modules/libnpmorg/node_modules/make-fetch-happen/agent.js new file mode 100644 index 0000000000000..55675946ad97d --- /dev/null +++ b/node_modules/libnpmorg/node_modules/make-fetch-happen/agent.js @@ -0,0 +1,171 @@ +'use strict' +const LRU = require('lru-cache') +const url = require('url') + +let AGENT_CACHE = new LRU({ max: 50 }) +let HttpsAgent +let HttpAgent + +module.exports = getAgent + +function getAgent (uri, opts) { + const parsedUri = url.parse(typeof uri === 'string' ? uri : uri.url) + const isHttps = parsedUri.protocol === 'https:' + const pxuri = getProxyUri(uri, opts) + + const key = [ + `https:${isHttps}`, + pxuri + ? `proxy:${pxuri.protocol}//${pxuri.host}:${pxuri.port}` + : '>no-proxy<', + `local-address:${opts.localAddress || '>no-local-address<'}`, + `strict-ssl:${isHttps ? !!opts.strictSSL : '>no-strict-ssl<'}`, + `ca:${(isHttps && opts.ca) || '>no-ca<'}`, + `cert:${(isHttps && opts.cert) || '>no-cert<'}`, + `key:${(isHttps && opts.key) || '>no-key<'}` + ].join(':') + + if (opts.agent != null) { // `agent: false` has special behavior! + return opts.agent + } + + if (AGENT_CACHE.peek(key)) { + return AGENT_CACHE.get(key) + } + + if (pxuri) { + const proxy = getProxy(pxuri, opts, isHttps) + AGENT_CACHE.set(key, proxy) + return proxy + } + + if (isHttps && !HttpsAgent) { + HttpsAgent = require('agentkeepalive').HttpsAgent + } else if (!isHttps && !HttpAgent) { + HttpAgent = require('agentkeepalive') + } + + // If opts.timeout is zero, set the agentTimeout to zero as well. A timeout + // of zero disables the timeout behavior (OS limits still apply). Else, if + // opts.timeout is a non-zero value, set it to timeout + 1, to ensure that + // the node-fetch-npm timeout will always fire first, giving us more + // consistent errors. + const agentTimeout = opts.timeout === 0 ? 0 : opts.timeout + 1 + + const agent = isHttps ? new HttpsAgent({ + maxSockets: opts.maxSockets || 15, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + localAddress: opts.localAddress, + rejectUnauthorized: opts.strictSSL, + timeout: agentTimeout + }) : new HttpAgent({ + maxSockets: opts.maxSockets || 15, + localAddress: opts.localAddress, + timeout: agentTimeout + }) + AGENT_CACHE.set(key, agent) + return agent +} + +function checkNoProxy (uri, opts) { + const host = url.parse(uri).hostname.split('.').reverse() + let noproxy = (opts.noProxy || getProcessEnv('no_proxy')) + if (typeof noproxy === 'string') { + noproxy = noproxy.split(/\s*,\s*/g) + } + return noproxy && noproxy.some(no => { + const noParts = no.split('.').filter(x => x).reverse() + if (!noParts.length) { return false } + for (let i = 0; i < noParts.length; i++) { + if (host[i] !== noParts[i]) { + return false + } + } + return true + }) +} + +module.exports.getProcessEnv = getProcessEnv + +function getProcessEnv (env) { + if (!env) { return } + + let value + + if (Array.isArray(env)) { + for (let e of env) { + value = process.env[e] || + process.env[e.toUpperCase()] || + process.env[e.toLowerCase()] + if (typeof value !== 'undefined') { break } + } + } + + if (typeof env === 'string') { + value = process.env[env] || + process.env[env.toUpperCase()] || + process.env[env.toLowerCase()] + } + + return value +} + +function getProxyUri (uri, opts) { + const protocol = url.parse(uri).protocol + + const proxy = opts.proxy || ( + protocol === 'https:' && getProcessEnv('https_proxy') + ) || ( + protocol === 'http:' && getProcessEnv(['https_proxy', 'http_proxy', 'proxy']) + ) + if (!proxy) { return null } + + const parsedProxy = (typeof proxy === 'string') ? url.parse(proxy) : proxy + + return !checkNoProxy(uri, opts) && parsedProxy +} + +let HttpProxyAgent +let HttpsProxyAgent +let SocksProxyAgent +function getProxy (proxyUrl, opts, isHttps) { + let popts = { + host: proxyUrl.hostname, + port: proxyUrl.port, + protocol: proxyUrl.protocol, + path: proxyUrl.path, + auth: proxyUrl.auth, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + timeout: opts.timeout === 0 ? 0 : opts.timeout + 1, + localAddress: opts.localAddress, + maxSockets: opts.maxSockets || 15, + rejectUnauthorized: opts.strictSSL + } + + if (proxyUrl.protocol === 'http:' || proxyUrl.protocol === 'https:') { + if (!isHttps) { + if (!HttpProxyAgent) { + HttpProxyAgent = require('http-proxy-agent') + } + + return new HttpProxyAgent(popts) + } else { + if (!HttpsProxyAgent) { + HttpsProxyAgent = require('https-proxy-agent') + } + + return new HttpsProxyAgent(popts) + } + } + if (proxyUrl.protocol.startsWith('socks')) { + if (!SocksProxyAgent) { + SocksProxyAgent = require('socks-proxy-agent') + } + + return new SocksProxyAgent(popts) + } +} diff --git a/node_modules/libnpmorg/node_modules/make-fetch-happen/cache.js b/node_modules/libnpmorg/node_modules/make-fetch-happen/cache.js new file mode 100644 index 0000000000000..0c519e69fbe81 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/make-fetch-happen/cache.js @@ -0,0 +1,249 @@ +'use strict' + +const cacache = require('cacache') +const fetch = require('node-fetch-npm') +const pipe = require('mississippi').pipe +const ssri = require('ssri') +const through = require('mississippi').through +const to = require('mississippi').to +const url = require('url') +const stream = require('stream') + +const MAX_MEM_SIZE = 5 * 1024 * 1024 // 5MB + +function cacheKey (req) { + const parsed = url.parse(req.url) + return `make-fetch-happen:request-cache:${ + url.format({ + protocol: parsed.protocol, + slashes: parsed.slashes, + host: parsed.host, + hostname: parsed.hostname, + pathname: parsed.pathname + }) + }` +} + +// This is a cacache-based implementation of the Cache standard, +// using node-fetch. +// docs: https://developer.mozilla.org/en-US/docs/Web/API/Cache +// +module.exports = class Cache { + constructor (path, opts) { + this._path = path + this._uid = opts && opts.uid + this._gid = opts && opts.gid + this.Promise = (opts && opts.Promise) || Promise + } + + // Returns a Promise that resolves to the response associated with the first + // matching request in the Cache object. + match (req, opts) { + opts = opts || {} + const key = cacheKey(req) + return cacache.get.info(this._path, key).then(info => { + return info && cacache.get.hasContent( + this._path, info.integrity, opts + ).then(exists => exists && info) + }).then(info => { + if (info && info.metadata && matchDetails(req, { + url: info.metadata.url, + reqHeaders: new fetch.Headers(info.metadata.reqHeaders), + resHeaders: new fetch.Headers(info.metadata.resHeaders), + cacheIntegrity: info.integrity, + integrity: opts && opts.integrity + })) { + const resHeaders = new fetch.Headers(info.metadata.resHeaders) + addCacheHeaders(resHeaders, this._path, key, info.integrity, info.time) + if (req.method === 'HEAD') { + return new fetch.Response(null, { + url: req.url, + headers: resHeaders, + status: 200 + }) + } + let body + const cachePath = this._path + // avoid opening cache file handles until a user actually tries to + // read from it. + if (opts.memoize !== false && info.size > MAX_MEM_SIZE) { + body = new stream.PassThrough() + const realRead = body._read + body._read = function (size) { + body._read = realRead + pipe( + cacache.get.stream.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }), + body, + err => body.emit(err)) + return realRead.call(this, size) + } + } else { + let readOnce = false + // cacache is much faster at bulk reads + body = new stream.Readable({ + read () { + if (readOnce) return this.push(null) + readOnce = true + cacache.get.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }).then(data => { + this.push(data) + this.push(null) + }, err => this.emit('error', err)) + } + }) + } + return this.Promise.resolve(new fetch.Response(body, { + url: req.url, + headers: resHeaders, + status: 200, + size: info.size + })) + } + }) + } + + // Takes both a request and its response and adds it to the given cache. + put (req, response, opts) { + opts = opts || {} + const size = response.headers.get('content-length') + const fitInMemory = !!size && opts.memoize !== false && size < MAX_MEM_SIZE + const ckey = cacheKey(req) + const cacheOpts = { + algorithms: opts.algorithms, + metadata: { + url: req.url, + reqHeaders: req.headers.raw(), + resHeaders: response.headers.raw() + }, + uid: this._uid, + gid: this._gid, + size, + memoize: fitInMemory && opts.memoize + } + if (req.method === 'HEAD' || response.status === 304) { + // Update metadata without writing + return cacache.get.info(this._path, ckey).then(info => { + // Providing these will bypass content write + cacheOpts.integrity = info.integrity + addCacheHeaders( + response.headers, this._path, ckey, info.integrity, info.time + ) + return new this.Promise((resolve, reject) => { + pipe( + cacache.get.stream.byDigest(this._path, info.integrity, cacheOpts), + cacache.put.stream(this._path, cacheKey(req), cacheOpts), + err => err ? reject(err) : resolve(response) + ) + }) + }).then(() => response) + } + let buf = [] + let bufSize = 0 + let cacheTargetStream = false + const cachePath = this._path + let cacheStream = to((chunk, enc, cb) => { + if (!cacheTargetStream) { + if (fitInMemory) { + cacheTargetStream = + to({highWaterMark: MAX_MEM_SIZE}, (chunk, enc, cb) => { + buf.push(chunk) + bufSize += chunk.length + cb() + }, done => { + cacache.put( + cachePath, + cacheKey(req), + Buffer.concat(buf, bufSize), + cacheOpts + ).then( + () => done(), + done + ) + }) + } else { + cacheTargetStream = + cacache.put.stream(cachePath, cacheKey(req), cacheOpts) + } + } + cacheTargetStream.write(chunk, enc, cb) + }, done => { + cacheTargetStream ? cacheTargetStream.end(done) : done() + }) + const oldBody = response.body + const newBody = through({highWaterMark: fitInMemory && MAX_MEM_SIZE}) + response.body = newBody + oldBody.once('error', err => newBody.emit('error', err)) + newBody.once('error', err => oldBody.emit('error', err)) + cacheStream.once('error', err => newBody.emit('error', err)) + pipe(oldBody, to((chunk, enc, cb) => { + cacheStream.write(chunk, enc, () => { + newBody.write(chunk, enc, cb) + }) + }, done => { + cacheStream.end(() => { + newBody.end(() => { + done() + }) + }) + }), err => err && newBody.emit('error', err)) + return response + } + + // Finds the Cache entry whose key is the request, and if found, deletes the + // Cache entry and returns a Promise that resolves to true. If no Cache entry + // is found, it returns false. + 'delete' (req, opts) { + opts = opts || {} + if (typeof opts.memoize === 'object') { + if (opts.memoize.reset) { + opts.memoize.reset() + } else if (opts.memoize.clear) { + opts.memoize.clear() + } else { + Object.keys(opts.memoize).forEach(k => { + opts.memoize[k] = null + }) + } + } + return cacache.rm.entry( + this._path, + cacheKey(req) + // TODO - true/false + ).then(() => false) + } +} + +function matchDetails (req, cached) { + const reqUrl = url.parse(req.url) + const cacheUrl = url.parse(cached.url) + const vary = cached.resHeaders.get('Vary') + // https://tools.ietf.org/html/rfc7234#section-4.1 + if (vary) { + if (vary.match(/\*/)) { + return false + } else { + const fieldsMatch = vary.split(/\s*,\s*/).every(field => { + return cached.reqHeaders.get(field) === req.headers.get(field) + }) + if (!fieldsMatch) { + return false + } + } + } + if (cached.integrity) { + return ssri.parse(cached.integrity).match(cached.cacheIntegrity) + } + reqUrl.hash = null + cacheUrl.hash = null + return url.format(reqUrl) === url.format(cacheUrl) +} + +function addCacheHeaders (resHeaders, path, key, hash, time) { + resHeaders.set('X-Local-Cache', encodeURIComponent(path)) + resHeaders.set('X-Local-Cache-Key', encodeURIComponent(key)) + resHeaders.set('X-Local-Cache-Hash', encodeURIComponent(hash)) + resHeaders.set('X-Local-Cache-Time', new Date(time).toUTCString()) +} diff --git a/node_modules/libnpmorg/node_modules/make-fetch-happen/index.js b/node_modules/libnpmorg/node_modules/make-fetch-happen/index.js new file mode 100644 index 0000000000000..0f2c164e19f28 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/make-fetch-happen/index.js @@ -0,0 +1,482 @@ +'use strict' + +let Cache +const url = require('url') +const CachePolicy = require('http-cache-semantics') +const fetch = require('node-fetch-npm') +const pkg = require('./package.json') +const retry = require('promise-retry') +let ssri +const Stream = require('stream') +const getAgent = require('./agent') +const setWarning = require('./warning') + +const isURL = /^https?:/ +const USER_AGENT = `${pkg.name}/${pkg.version} (+https://npm.im/${pkg.name})` + +const RETRY_ERRORS = [ + 'ECONNRESET', // remote socket closed on us + 'ECONNREFUSED', // remote host refused to open connection + 'EADDRINUSE', // failed to bind to a local port (proxy?) + 'ETIMEDOUT' // someone in the transaction is WAY TOO SLOW + // Known codes we do NOT retry on: + // ENOTFOUND (getaddrinfo failure. Either bad hostname, or offline) +] + +const RETRY_TYPES = [ + 'request-timeout' +] + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +module.exports = cachingFetch +cachingFetch.defaults = function (_uri, _opts) { + const fetch = this + if (typeof _uri === 'object') { + _opts = _uri + _uri = null + } + + function defaultedFetch (uri, opts) { + const finalOpts = Object.assign({}, _opts || {}, opts || {}) + return fetch(uri || _uri, finalOpts) + } + + defaultedFetch.defaults = fetch.defaults + defaultedFetch.delete = fetch.delete + return defaultedFetch +} + +cachingFetch.delete = cacheDelete +function cacheDelete (uri, opts) { + opts = configureOptions(opts) + if (opts.cacheManager) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + return opts.cacheManager.delete(req, opts) + } +} + +function initializeCache (opts) { + if (typeof opts.cacheManager === 'string') { + if (!Cache) { + // Default cacache-based cache + Cache = require('./cache') + } + + opts.cacheManager = new Cache(opts.cacheManager, opts) + } + + opts.cache = opts.cache || 'default' + + if (opts.cache === 'default' && isHeaderConditional(opts.headers)) { + // If header list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, fetch will set cache + // mode to "no-store" if it is "default". + opts.cache = 'no-store' + } +} + +function configureOptions (_opts) { + const opts = Object.assign({}, _opts || {}) + opts.method = (opts.method || 'GET').toUpperCase() + + if (opts.retry && typeof opts.retry === 'number') { + opts.retry = { retries: opts.retry } + } + + if (opts.retry === false) { + opts.retry = { retries: 0 } + } + + if (opts.cacheManager) { + initializeCache(opts) + } + + return opts +} + +function initializeSsri () { + if (!ssri) { + ssri = require('ssri') + } +} + +function cachingFetch (uri, _opts) { + const opts = configureOptions(_opts) + + if (opts.integrity) { + initializeSsri() + // if verifying integrity, node-fetch must not decompress + opts.compress = false + } + + const isCachable = (opts.method === 'GET' || opts.method === 'HEAD') && + opts.cacheManager && + opts.cache !== 'no-store' && + opts.cache !== 'reload' + + if (isCachable) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + + return opts.cacheManager.match(req, opts).then(res => { + if (res) { + const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) + if (warningCode && +warningCode >= 100 && +warningCode < 200) { + // https://tools.ietf.org/html/rfc7234#section-4.3.4 + // + // If a stored response is selected for update, the cache MUST: + // + // * delete any Warning header fields in the stored response with + // warn-code 1xx (see Section 5.5); + // + // * retain any Warning header fields in the stored response with + // warn-code 2xx; + // + res.headers.delete('Warning') + } + + if (opts.cache === 'default' && !isStale(req, res)) { + return res + } + + if (opts.cache === 'default' || opts.cache === 'no-cache') { + return conditionalFetch(req, res, opts) + } + + if (opts.cache === 'force-cache' || opts.cache === 'only-if-cached') { + // 112 Disconnected operation + // SHOULD be included if the cache is intentionally disconnected from + // the rest of the network for a period of time. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(res, 112, 'Disconnected operation') + return res + } + } + + if (!res && opts.cache === 'only-if-cached') { + const errorMsg = `request to ${ + uri + } failed: cache mode is 'only-if-cached' but no cached response available.` + + const err = new Error(errorMsg) + err.code = 'ENOTCACHED' + throw err + } + + // Missing cache entry, or mode is default (if stale), reload, no-store + return remoteFetch(req.url, opts) + }) + } + + return remoteFetch(uri, opts) +} + +function iterableToObject (iter) { + const obj = {} + for (let k of iter.keys()) { + obj[k] = iter.get(k) + } + return obj +} + +function makePolicy (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + const _res = { + status: res.status, + headers: iterableToObject(res.headers) + } + + return new CachePolicy(_req, _res, { shared: false }) +} + +// https://tools.ietf.org/html/rfc7234#section-4.2 +function isStale (req, res) { + if (!res) { + return null + } + + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + + const policy = makePolicy(req, res) + + const responseTime = res.headers.get('x-local-cache-time') || + res.headers.get('date') || + 0 + + policy._responseTime = new Date(responseTime) + + const bool = !policy.satisfiesWithoutRevalidation(_req) + return bool +} + +function mustRevalidate (res) { + return (res.headers.get('cache-control') || '').match(/must-revalidate/i) +} + +function conditionalFetch (req, cachedRes, opts) { + const _req = { + url: req.url, + method: req.method, + headers: Object.assign({}, opts.headers || {}) + } + + const policy = makePolicy(req, cachedRes) + opts.headers = policy.revalidationHeaders(_req) + + return remoteFetch(req.url, opts) + .then(condRes => { + const revalidatedPolicy = policy.revalidatedPolicy(_req, { + status: condRes.status, + headers: iterableToObject(condRes.headers) + }) + + if (condRes.status >= 500 && !mustRevalidate(cachedRes)) { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + return cachedRes + } + + if (condRes.status === 304) { // 304 Not Modified + condRes.body = cachedRes.body + return opts.cacheManager.put(req, condRes, opts) + .then(newRes => { + newRes.headers = new fetch.Headers(revalidatedPolicy.policy.responseHeaders()) + return newRes + }) + } + + return condRes + }) + .then(res => res) + .catch(err => { + if (mustRevalidate(cachedRes)) { + throw err + } else { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + // 199 Miscellaneous warning + // The warning text MAY include arbitrary information to be presented to + // a human user, or logged. A system receiving this warning MUST NOT take + // any automated action, besides presenting the warning to the user. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning( + cachedRes, + 199, + `Miscellaneous Warning ${err.code}: ${err.message}` + ) + + return cachedRes + } + }) +} + +function remoteFetchHandleIntegrity (res, integrity) { + const oldBod = res.body + const newBod = ssri.integrityStream({ + integrity + }) + oldBod.pipe(newBod) + res.body = newBod + oldBod.once('error', err => { + newBod.emit('error', err) + }) + newBod.once('error', err => { + oldBod.emit('error', err) + }) +} + +function remoteFetch (uri, opts) { + const agent = getAgent(uri, opts) + const headers = Object.assign({ + 'connection': agent ? 'keep-alive' : 'close', + 'user-agent': USER_AGENT + }, opts.headers || {}) + + const reqOpts = { + agent, + body: opts.body, + compress: opts.compress, + follow: opts.follow, + headers: new fetch.Headers(headers), + method: opts.method, + redirect: 'manual', + size: opts.size, + counter: opts.counter, + timeout: opts.timeout + } + + return retry( + (retryHandler, attemptNum) => { + const req = new fetch.Request(uri, reqOpts) + return fetch(req) + .then(res => { + res.headers.set('x-fetch-attempts', attemptNum) + + if (opts.integrity) { + remoteFetchHandleIntegrity(res, opts.integrity) + } + + const isStream = req.body instanceof Stream + + if (opts.cacheManager) { + const isMethodGetHead = req.method === 'GET' || + req.method === 'HEAD' + + const isCachable = opts.cache !== 'no-store' && + isMethodGetHead && + makePolicy(req, res).storable() && + res.status === 200 // No other statuses should be stored! + + if (isCachable) { + return opts.cacheManager.put(req, res, opts) + } + + if (!isMethodGetHead) { + return opts.cacheManager.delete(req).then(() => { + if (res.status >= 500 && req.method !== 'POST' && !isStream) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + return res + }) + } + } + + const isRetriable = req.method !== 'POST' && + !isStream && ( + res.status === 408 || // Request Timeout + res.status === 420 || // Enhance Your Calm (usually Twitter rate-limit) + res.status === 429 || // Too Many Requests ("standard" rate-limiting) + res.status >= 500 // Assume server errors are momentary hiccups + ) + + if (isRetriable) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + if (!fetch.isRedirect(res.status) || opts.redirect === 'manual') { + return res + } + + // handle redirects - matches behavior of npm-fetch: https://github.com/bitinn/node-fetch + if (opts.redirect === 'error') { + const err = new Error(`redirect mode is set to error: ${uri}`) + err.code = 'ENOREDIRECT' + throw err + } + + if (!res.headers.get('location')) { + const err = new Error(`redirect location header missing at: ${uri}`) + err.code = 'EINVALIDREDIRECT' + throw err + } + + if (req.counter >= req.follow) { + const err = new Error(`maximum redirect reached at: ${uri}`) + err.code = 'EMAXREDIRECT' + throw err + } + + const resolvedUrl = url.resolve(req.url, res.headers.get('location')) + let redirectURL = url.parse(resolvedUrl) + + if (isURL.test(res.headers.get('location'))) { + redirectURL = url.parse(res.headers.get('location')) + } + + // Remove authorization if changing hostnames (but not if just + // changing ports or protocols). This matches the behavior of request: + // https://github.com/request/request/blob/b12a6245/lib/redirect.js#L134-L138 + if (url.parse(req.url).hostname !== redirectURL.hostname) { + req.headers.delete('authorization') + } + + // for POST request with 301/302 response, or any request with 303 response, + // use GET when following redirect + if (res.status === 303 || + ((res.status === 301 || res.status === 302) && req.method === 'POST')) { + opts.method = 'GET' + opts.body = null + req.headers.delete('content-length') + } + + opts.headers = {} + req.headers.forEach((value, name) => { + opts.headers[name] = value + }) + + opts.counter = ++req.counter + return cachingFetch(resolvedUrl, opts) + }) + .catch(err => { + const code = err.code === 'EPROMISERETRY' ? err.retried.code : err.code + + const isRetryError = RETRY_ERRORS.indexOf(code) === -1 && + RETRY_TYPES.indexOf(err.type) === -1 + + if (req.method === 'POST' || isRetryError) { + throw err + } + + if (typeof opts.onRetry === 'function') { + opts.onRetry(err) + } + + return retryHandler(err) + }) + }, + opts.retry + ).catch(err => { + if (err.status >= 400) { + return err + } + + throw err + }) +} + +function isHeaderConditional (headers) { + if (!headers || typeof headers !== 'object') { + return false + } + + const modifiers = [ + 'if-modified-since', + 'if-none-match', + 'if-unmodified-since', + 'if-match', + 'if-range' + ] + + return Object.keys(headers) + .some(h => modifiers.indexOf(h.toLowerCase()) !== -1) +} diff --git a/node_modules/libnpmorg/node_modules/make-fetch-happen/package.json b/node_modules/libnpmorg/node_modules/make-fetch-happen/package.json new file mode 100644 index 0000000000000..8294ba9bdb7cc --- /dev/null +++ b/node_modules/libnpmorg/node_modules/make-fetch-happen/package.json @@ -0,0 +1,94 @@ +{ + "_from": "make-fetch-happen@^4.0.2", + "_id": "make-fetch-happen@4.0.2", + "_inBundle": false, + "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "_location": "/libnpmorg/make-fetch-happen", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "make-fetch-happen@^4.0.2", + "name": "make-fetch-happen", + "escapedName": "make-fetch-happen", + "rawSpec": "^4.0.2", + "saveSpec": null, + "fetchSpec": "^4.0.2" + }, + "_requiredBy": [ + "/libnpmorg/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", + "_spec": "make-fetch-happen@^4.0.2", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmorg/node_modules/npm-registry-fetch", + "author": { + "name": "Kat Marchán", + "email": "kzm@zkat.tech" + }, + "bugs": { + "url": "https://github.com/zkat/make-fetch-happen/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + }, + "deprecated": false, + "description": "Opinionated, caching, retrying fetch client", + "devDependencies": { + "bluebird": "^3.5.1", + "mkdirp": "^0.5.1", + "nock": "^9.2.3", + "npmlog": "^4.1.2", + "require-inject": "^1.4.2", + "rimraf": "^2.6.2", + "safe-buffer": "^5.1.1", + "standard": "^11.0.1", + "standard-version": "^4.3.0", + "tacks": "^1.2.6", + "tap": "^12.7.0", + "weallbehave": "^1.0.0", + "weallcontribute": "^1.0.7" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/zkat/make-fetch-happen#readme", + "keywords": [ + "http", + "request", + "fetch", + "mean girls", + "caching", + "cache", + "subresource integrity" + ], + "license": "ISC", + "main": "index.js", + "name": "make-fetch-happen", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/make-fetch-happen.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap --coverage --nyc-arg=--all --timeout=35 -J test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmorg/node_modules/make-fetch-happen/warning.js b/node_modules/libnpmorg/node_modules/make-fetch-happen/warning.js new file mode 100644 index 0000000000000..b8f13cf83195a --- /dev/null +++ b/node_modules/libnpmorg/node_modules/make-fetch-happen/warning.js @@ -0,0 +1,24 @@ +const url = require('url') + +module.exports = setWarning + +function setWarning (reqOrRes, code, message, replace) { + // Warning = "Warning" ":" 1#warning-value + // warning-value = warn-code SP warn-agent SP warn-text [SP warn-date] + // warn-code = 3DIGIT + // warn-agent = ( host [ ":" port ] ) | pseudonym + // ; the name or pseudonym of the server adding + // ; the Warning header, for use in debugging + // warn-text = quoted-string + // warn-date = <"> HTTP-date <"> + // (https://tools.ietf.org/html/rfc2616#section-14.46) + const host = url.parse(reqOrRes.url).host + const jsonMessage = JSON.stringify(message) + const jsonDate = JSON.stringify(new Date().toUTCString()) + const header = replace ? 'set' : 'append' + + reqOrRes.headers[header]( + 'Warning', + `${code} ${host} ${jsonMessage} ${jsonDate}` + ) +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmorg/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..d24e026914c23 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,214 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmorg/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmorg/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..7fe5dacc94362 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,98 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gid': {}, + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'uid': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..4ba3c19243471 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,193 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout, + uid: opts.uid, + gid: opts.gid + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmorg/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..0a9c819cada31 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^3.8.0", + "_id": "npm-registry-fetch@3.9.1", + "_inBundle": false, + "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_location": "/libnpmorg/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^3.8.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^3.8.0", + "saveSpec": null, + "fetchSpec": "^3.8.0" + }, + "_requiredBy": [ + "/libnpmorg" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", + "_spec": "npm-registry-fetch@^3.8.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmorg", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^11.3.3", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.9.1" +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmpublish/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/libnpmpublish/node_modules/make-fetch-happen/CHANGELOG.md new file mode 100644 index 0000000000000..a446842f55d80 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/make-fetch-happen/CHANGELOG.md @@ -0,0 +1,555 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [4.0.2](https://github.com/zkat/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) + + + + +## [4.0.1](https://github.com/zkat/make-fetch-happen/compare/v4.0.0...v4.0.1) (2018-04-12) + + +### Bug Fixes + +* **integrity:** use new sri.match() for verification ([4f371a0](https://github.com/zkat/make-fetch-happen/commit/4f371a0)) + + + + +# [4.0.0](https://github.com/zkat/make-fetch-happen/compare/v3.0.0...v4.0.0) (2018-04-09) + + +### meta + +* drop node@4, add node@9 ([7b0191a](https://github.com/zkat/make-fetch-happen/commit/7b0191a)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +# [3.0.0](https://github.com/zkat/make-fetch-happen/compare/v2.6.0...v3.0.0) (2018-03-12) + + +### Bug Fixes + +* **license:** switch to ISC ([#49](https://github.com/zkat/make-fetch-happen/issues/49)) ([bf90c6d](https://github.com/zkat/make-fetch-happen/commit/bf90c6d)) +* **standard:** standard@11 update ([ff0aa70](https://github.com/zkat/make-fetch-happen/commit/ff0aa70)) + + +### BREAKING CHANGES + +* **license:** license changed from CC0 to ISC. + + + + +# [2.6.0](https://github.com/zkat/make-fetch-happen/compare/v2.5.0...v2.6.0) (2017-11-14) + + +### Bug Fixes + +* **integrity:** disable node-fetch compress when checking integrity (#42) ([a7cc74c](https://github.com/zkat/make-fetch-happen/commit/a7cc74c)) + + +### Features + +* **onretry:** Add `options.onRetry` (#48) ([f90ccff](https://github.com/zkat/make-fetch-happen/commit/f90ccff)) + + + + +# [2.5.0](https://github.com/zkat/make-fetch-happen/compare/v2.4.13...v2.5.0) (2017-08-24) + + +### Bug Fixes + +* **agent:** support timeout durations greater than 30 seconds ([04875ae](https://github.com/zkat/make-fetch-happen/commit/04875ae)), closes [#35](https://github.com/zkat/make-fetch-happen/issues/35) + + +### Features + +* **cache:** export cache deletion functionality (#40) ([3da4250](https://github.com/zkat/make-fetch-happen/commit/3da4250)) + + + + +## [2.4.13](https://github.com/zkat/make-fetch-happen/compare/v2.4.12...v2.4.13) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump other deps for bugfixes ([eab8297](https://github.com/zkat/make-fetch-happen/commit/eab8297)) +* **proxy:** bump proxy deps with bugfixes (#32) ([632f860](https://github.com/zkat/make-fetch-happen/commit/632f860)), closes [#32](https://github.com/zkat/make-fetch-happen/issues/32) + + + + +## [2.4.12](https://github.com/zkat/make-fetch-happen/compare/v2.4.11...v2.4.12) (2017-06-06) + + +### Bug Fixes + +* **cache:** encode x-local-cache-etc headers to be header-safe ([dc9fb1b](https://github.com/zkat/make-fetch-happen/commit/dc9fb1b)) + + + + +## [2.4.11](https://github.com/zkat/make-fetch-happen/compare/v2.4.10...v2.4.11) (2017-06-05) + + +### Bug Fixes + +* **deps:** bump deps with ssri fix ([bef1994](https://github.com/zkat/make-fetch-happen/commit/bef1994)) + + + + +## [2.4.10](https://github.com/zkat/make-fetch-happen/compare/v2.4.9...v2.4.10) (2017-05-31) + + +### Bug Fixes + +* **deps:** bump dep versions with bugfixes ([0af4003](https://github.com/zkat/make-fetch-happen/commit/0af4003)) +* **proxy:** use auth parameter for proxy authentication (#30) ([c687306](https://github.com/zkat/make-fetch-happen/commit/c687306)) + + + + +## [2.4.9](https://github.com/zkat/make-fetch-happen/compare/v2.4.8...v2.4.9) (2017-05-25) + + +### Bug Fixes + +* **cache:** use the passed-in promise for resolving cache stuff ([4c46257](https://github.com/zkat/make-fetch-happen/commit/4c46257)) + + + + +## [2.4.8](https://github.com/zkat/make-fetch-happen/compare/v2.4.7...v2.4.8) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid/Promise through to cache ([a847c92](https://github.com/zkat/make-fetch-happen/commit/a847c92)) + + + + +## [2.4.7](https://github.com/zkat/make-fetch-happen/compare/v2.4.6...v2.4.7) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([fc2a587](https://github.com/zkat/make-fetch-happen/commit/fc2a587)) + + + + +## [2.4.6](https://github.com/zkat/make-fetch-happen/compare/v2.4.5...v2.4.6) (2017-05-24) + + +### Bug Fixes + +* **proxy:** choose agent for http(s)-proxy by protocol of destUrl ([ea4832a](https://github.com/zkat/make-fetch-happen/commit/ea4832a)) +* **proxy:** make socks proxy working ([1de810a](https://github.com/zkat/make-fetch-happen/commit/1de810a)) +* **proxy:** revert previous proxy solution ([563b0d8](https://github.com/zkat/make-fetch-happen/commit/563b0d8)) + + + + +## [2.4.5](https://github.com/zkat/make-fetch-happen/compare/v2.4.4...v2.4.5) (2017-05-24) + + +### Bug Fixes + +* **proxy:** use the destination url when determining agent ([1a714e7](https://github.com/zkat/make-fetch-happen/commit/1a714e7)) + + + + +## [2.4.4](https://github.com/zkat/make-fetch-happen/compare/v2.4.3...v2.4.4) (2017-05-23) + + +### Bug Fixes + +* **redirect:** handle redirects explicitly (#27) ([4c4af54](https://github.com/zkat/make-fetch-happen/commit/4c4af54)) + + + + +## [2.4.3](https://github.com/zkat/make-fetch-happen/compare/v2.4.2...v2.4.3) (2017-05-06) + + +### Bug Fixes + +* **redirect:** redirects now delete authorization if hosts fail to match ([c071805](https://github.com/zkat/make-fetch-happen/commit/c071805)) + + + + +## [2.4.2](https://github.com/zkat/make-fetch-happen/compare/v2.4.1...v2.4.2) (2017-05-04) + + +### Bug Fixes + +* **cache:** reduce race condition window by checking for content ([24544b1](https://github.com/zkat/make-fetch-happen/commit/24544b1)) +* **match:** Rewrite the conditional stream logic (#25) ([66bba4b](https://github.com/zkat/make-fetch-happen/commit/66bba4b)) + + + + +## [2.4.1](https://github.com/zkat/make-fetch-happen/compare/v2.4.0...v2.4.1) (2017-04-28) + + +### Bug Fixes + +* **memoization:** missed spots + allow passthrough of memo objs ([ac0cd12](https://github.com/zkat/make-fetch-happen/commit/ac0cd12)) + + + + +# [2.4.0](https://github.com/zkat/make-fetch-happen/compare/v2.3.0...v2.4.0) (2017-04-28) + + +### Bug Fixes + +* **memoize:** cacache had a broken memoizer ([8a9ed4c](https://github.com/zkat/make-fetch-happen/commit/8a9ed4c)) + + +### Features + +* **memoization:** only slurp stuff into memory if opts.memoize is not false ([0744adc](https://github.com/zkat/make-fetch-happen/commit/0744adc)) + + + + +# [2.3.0](https://github.com/zkat/make-fetch-happen/compare/v2.2.6...v2.3.0) (2017-04-27) + + +### Features + +* **agent:** added opts.strictSSL and opts.localAddress ([c35015a](https://github.com/zkat/make-fetch-happen/commit/c35015a)) +* **proxy:** Added opts.noProxy and NO_PROXY support ([f45c915](https://github.com/zkat/make-fetch-happen/commit/f45c915)) + + + + +## [2.2.6](https://github.com/zkat/make-fetch-happen/compare/v2.2.5...v2.2.6) (2017-04-26) + + +### Bug Fixes + +* **agent:** check uppercase & lowercase proxy env (#24) ([acf2326](https://github.com/zkat/make-fetch-happen/commit/acf2326)), closes [#22](https://github.com/zkat/make-fetch-happen/issues/22) +* **deps:** switch to node-fetch-npm and stop bundling ([3db603b](https://github.com/zkat/make-fetch-happen/commit/3db603b)) + + + + +## [2.2.5](https://github.com/zkat/make-fetch-happen/compare/v2.2.4...v2.2.5) (2017-04-23) + + +### Bug Fixes + +* **deps:** bump cacache and use its size feature ([926c1d3](https://github.com/zkat/make-fetch-happen/commit/926c1d3)) + + + + +## [2.2.4](https://github.com/zkat/make-fetch-happen/compare/v2.2.3...v2.2.4) (2017-04-18) + + +### Bug Fixes + +* **integrity:** hash verification issues fixed ([07f9402](https://github.com/zkat/make-fetch-happen/commit/07f9402)) + + + + +## [2.2.3](https://github.com/zkat/make-fetch-happen/compare/v2.2.2...v2.2.3) (2017-04-18) + + +### Bug Fixes + +* **staleness:** responses older than 8h were never stale :< ([b54dd75](https://github.com/zkat/make-fetch-happen/commit/b54dd75)) +* **warning:** remove spurious warning, make format more spec-compliant ([2e4f6bb](https://github.com/zkat/make-fetch-happen/commit/2e4f6bb)) + + + + +## [2.2.2](https://github.com/zkat/make-fetch-happen/compare/v2.2.1...v2.2.2) (2017-04-12) + + +### Bug Fixes + +* **retry:** stop retrying 404s ([6fafd53](https://github.com/zkat/make-fetch-happen/commit/6fafd53)) + + + + +## [2.2.1](https://github.com/zkat/make-fetch-happen/compare/v2.2.0...v2.2.1) (2017-04-10) + + +### Bug Fixes + +* **deps:** move test-only deps to devDeps ([2daaf80](https://github.com/zkat/make-fetch-happen/commit/2daaf80)) + + + + +# [2.2.0](https://github.com/zkat/make-fetch-happen/compare/v2.1.0...v2.2.0) (2017-04-09) + + +### Bug Fixes + +* **cache:** treat caches as private ([57b7dc2](https://github.com/zkat/make-fetch-happen/commit/57b7dc2)) + + +### Features + +* **retry:** accept shorthand retry settings ([dfed69d](https://github.com/zkat/make-fetch-happen/commit/dfed69d)) + + + + +# [2.1.0](https://github.com/zkat/make-fetch-happen/compare/v2.0.4...v2.1.0) (2017-04-09) + + +### Features + +* **cache:** cache now obeys Age and a variety of other things (#13) ([7b9652d](https://github.com/zkat/make-fetch-happen/commit/7b9652d)) + + + + +## [2.0.4](https://github.com/zkat/make-fetch-happen/compare/v2.0.3...v2.0.4) (2017-04-09) + + +### Bug Fixes + +* **agent:** accept Request as fetch input, not just strings ([b71669a](https://github.com/zkat/make-fetch-happen/commit/b71669a)) + + + + +## [2.0.3](https://github.com/zkat/make-fetch-happen/compare/v2.0.2...v2.0.3) (2017-04-09) + + +### Bug Fixes + +* **deps:** seriously ([c29e7e7](https://github.com/zkat/make-fetch-happen/commit/c29e7e7)) + + + + +## [2.0.2](https://github.com/zkat/make-fetch-happen/compare/v2.0.1...v2.0.2) (2017-04-09) + + +### Bug Fixes + +* **deps:** use bundleDeps instead ([c36ebf0](https://github.com/zkat/make-fetch-happen/commit/c36ebf0)) + + + + +## [2.0.1](https://github.com/zkat/make-fetch-happen/compare/v2.0.0...v2.0.1) (2017-04-09) + + +### Bug Fixes + +* **deps:** make sure node-fetch tarball included in release ([3bf49d1](https://github.com/zkat/make-fetch-happen/commit/3bf49d1)) + + + + +# [2.0.0](https://github.com/zkat/make-fetch-happen/compare/v1.7.0...v2.0.0) (2017-04-09) + + +### Bug Fixes + +* **deps:** manually pull in newer node-fetch to avoid babel prod dep ([66e5e87](https://github.com/zkat/make-fetch-happen/commit/66e5e87)) +* **retry:** be more specific about when we retry ([a47b782](https://github.com/zkat/make-fetch-happen/commit/a47b782)) + + +### Features + +* **agent:** add ca/cert/key support to auto-agent (#15) ([57585a7](https://github.com/zkat/make-fetch-happen/commit/57585a7)) + + +### BREAKING CHANGES + +* **agent:** pac proxies are no longer supported. +* **retry:** Retry logic has changes. + +* 404s, 420s, and 429s all retry now. +* ENOTFOUND no longer retries. +* Only ECONNRESET, ECONNREFUSED, EADDRINUSE, ETIMEDOUT, and `request-timeout` errors are retried. + + + + +# [1.7.0](https://github.com/zkat/make-fetch-happen/compare/v1.6.0...v1.7.0) (2017-04-08) + + +### Features + +* **cache:** add useful headers to inform users about cached data ([9bd7b00](https://github.com/zkat/make-fetch-happen/commit/9bd7b00)) + + + + +# [1.6.0](https://github.com/zkat/make-fetch-happen/compare/v1.5.1...v1.6.0) (2017-04-06) + + +### Features + +* **agent:** better, keepalive-supporting, default http agents ([16277f6](https://github.com/zkat/make-fetch-happen/commit/16277f6)) + + + + +## [1.5.1](https://github.com/zkat/make-fetch-happen/compare/v1.5.0...v1.5.1) (2017-04-05) + + +### Bug Fixes + +* **cache:** bump cacache for its fixed error messages ([2f2b916](https://github.com/zkat/make-fetch-happen/commit/2f2b916)) +* **cache:** fix handling of errors in cache reads ([5729222](https://github.com/zkat/make-fetch-happen/commit/5729222)) + + + + +# [1.5.0](https://github.com/zkat/make-fetch-happen/compare/v1.4.0...v1.5.0) (2017-04-04) + + +### Features + +* **retry:** retry requests on 408 timeouts, too ([8d8b5bd](https://github.com/zkat/make-fetch-happen/commit/8d8b5bd)) + + + + +# [1.4.0](https://github.com/zkat/make-fetch-happen/compare/v1.3.1...v1.4.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** stop relying on BB.catch ([2b04494](https://github.com/zkat/make-fetch-happen/commit/2b04494)) + + +### Features + +* **retry:** report retry attempt number as extra header ([fd50927](https://github.com/zkat/make-fetch-happen/commit/fd50927)) + + + + +## [1.3.1](https://github.com/zkat/make-fetch-happen/compare/v1.3.0...v1.3.1) (2017-04-04) + + +### Bug Fixes + +* **cache:** pretend cache entry is missing on ENOENT ([9c2bb26](https://github.com/zkat/make-fetch-happen/commit/9c2bb26)) + + + + +# [1.3.0](https://github.com/zkat/make-fetch-happen/compare/v1.2.1...v1.3.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** if metadata is missing for some odd reason, ignore the entry ([a021a6b](https://github.com/zkat/make-fetch-happen/commit/a021a6b)) + + +### Features + +* **cache:** add special headers when request was loaded straight from cache ([8a7dbd1](https://github.com/zkat/make-fetch-happen/commit/8a7dbd1)) +* **cache:** allow configuring algorithms to be calculated on insertion ([bf4a0f2](https://github.com/zkat/make-fetch-happen/commit/bf4a0f2)) + + + + +## [1.2.1](https://github.com/zkat/make-fetch-happen/compare/v1.2.0...v1.2.1) (2017-04-03) + + +### Bug Fixes + +* **integrity:** update cacache and ssri and change EBADCHECKSUM -> EINTEGRITY ([b6cf6f6](https://github.com/zkat/make-fetch-happen/commit/b6cf6f6)) + + + + +# [1.2.0](https://github.com/zkat/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) + + +### Features + +* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/zkat/make-fetch-happen/commit/a590159)) + + + + +# [1.1.0](https://github.com/zkat/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) + + +### Features + +* **opts:** fetch.defaults() for default options ([522a65e](https://github.com/zkat/make-fetch-happen/commit/522a65e)) + + + + +## [1.0.1](https://github.com/zkat/make-fetch-happen/compare/v1.0.0...v1.0.1) (2017-04-01) + + + + +# 1.0.0 (2017-04-01) + + +### Bug Fixes + +* **cache:** default on cache-control header ([b872a2c](https://github.com/zkat/make-fetch-happen/commit/b872a2c)) +* standard stuff and cache matching ([753f2c2](https://github.com/zkat/make-fetch-happen/commit/753f2c2)) +* **agent:** nudge around things with opts.agent ([ed62b57](https://github.com/zkat/make-fetch-happen/commit/ed62b57)) +* **agent:** {agent: false} has special behavior ([b8cc923](https://github.com/zkat/make-fetch-happen/commit/b8cc923)) +* **cache:** invalidation on non-GET ([fe78fac](https://github.com/zkat/make-fetch-happen/commit/fe78fac)) +* **cache:** make force-cache and only-if-cached work as expected ([f50e9df](https://github.com/zkat/make-fetch-happen/commit/f50e9df)) +* **cache:** more spec compliance ([d5a56db](https://github.com/zkat/make-fetch-happen/commit/d5a56db)) +* **cache:** only cache 200 gets ([0abb25a](https://github.com/zkat/make-fetch-happen/commit/0abb25a)) +* **cache:** only load cache code if cache opt is a string ([250fcd5](https://github.com/zkat/make-fetch-happen/commit/250fcd5)) +* **cache:** oops ([e3fa15a](https://github.com/zkat/make-fetch-happen/commit/e3fa15a)) +* **cache:** refactored warning removal into main file ([5b0a9f9](https://github.com/zkat/make-fetch-happen/commit/5b0a9f9)) +* **cache:** req constructor no longer needed in Cache ([5b74cbc](https://github.com/zkat/make-fetch-happen/commit/5b74cbc)) +* **cache:** standard fetch api calls cacheMode "cache" ([6fba805](https://github.com/zkat/make-fetch-happen/commit/6fba805)) +* **cache:** was using wrong method for non-GET/HEAD cache invalidation ([810763a](https://github.com/zkat/make-fetch-happen/commit/810763a)) +* **caching:** a bunch of cache-related fixes ([8ebda1d](https://github.com/zkat/make-fetch-happen/commit/8ebda1d)) +* **deps:** `cacache[@6](https://github.com/6).3.0` - race condition fixes ([9528442](https://github.com/zkat/make-fetch-happen/commit/9528442)) +* **freshness:** fix regex for cacheControl matching ([070db86](https://github.com/zkat/make-fetch-happen/commit/070db86)) +* **freshness:** fixed default freshness heuristic value ([5d29e88](https://github.com/zkat/make-fetch-happen/commit/5d29e88)) +* **logging:** remove console.log calls ([a1d0a47](https://github.com/zkat/make-fetch-happen/commit/a1d0a47)) +* **method:** node-fetch guarantees uppercase ([a1d68d6](https://github.com/zkat/make-fetch-happen/commit/a1d68d6)) +* **opts:** simplified opts handling ([516fd6e](https://github.com/zkat/make-fetch-happen/commit/516fd6e)) +* **proxy:** pass proxy option directly to ProxyAgent ([3398460](https://github.com/zkat/make-fetch-happen/commit/3398460)) +* **retry:** false -> {retries: 0} ([297fbb6](https://github.com/zkat/make-fetch-happen/commit/297fbb6)) +* **retry:** only retry put if body is not a stream ([a24e599](https://github.com/zkat/make-fetch-happen/commit/a24e599)) +* **retry:** skip retries if body is a stream for ANY method ([780c0f8](https://github.com/zkat/make-fetch-happen/commit/780c0f8)) + + +### Features + +* **api:** initial implementation -- can make and cache requests ([7d55b49](https://github.com/zkat/make-fetch-happen/commit/7d55b49)) +* **fetch:** injectable cache, and retry support ([87b84bf](https://github.com/zkat/make-fetch-happen/commit/87b84bf)) + + +### BREAKING CHANGES + +* **cache:** opts.cache -> opts.cacheManager; opts.cacheMode -> opts.cache +* **fetch:** opts.cache accepts a Cache-like obj or a path. Requests are now retried. +* **api:** actual api implemented diff --git a/node_modules/libnpmpublish/node_modules/make-fetch-happen/LICENSE b/node_modules/libnpmpublish/node_modules/make-fetch-happen/LICENSE new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/make-fetch-happen/LICENSE @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmpublish/node_modules/make-fetch-happen/README.md b/node_modules/libnpmpublish/node_modules/make-fetch-happen/README.md new file mode 100644 index 0000000000000..4d12d8dae7e31 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/make-fetch-happen/README.md @@ -0,0 +1,404 @@ +# make-fetch-happen [![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/zkat/make-fetch-happen.svg)](https://travis-ci.org/zkat/make-fetch-happen) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/make-fetch-happen?svg=true)](https://ci.appveyor.com/project/zkat/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/zkat/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/zkat/make-fetch-happen?branch=latest) + + +[`make-fetch-happen`](https://github.com/zkat/make-fetch-happen) is a Node.js +library that wraps [`node-fetch-npm`](https://github.com/npm/node-fetch-npm) with additional +features [`node-fetch`](https://github.com/bitinn/node-fetch) doesn't intend to include, including HTTP Cache support, request +pooling, proxies, retries, [and more](#features)! + +## Install + +`$ npm install --save make-fetch-happen` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.defaults`](#fetch-defaults) + * [`node-fetch` options](#node-fetch-options) + * [`make-fetch-happen` options](#extra-options) + * [`opts.cacheManager`](#opts-cache-manager) + * [`opts.cache`](#opts-cache) + * [`opts.proxy`](#opts-proxy) + * [`opts.noProxy`](#opts-no-proxy) + * [`opts.ca, opts.cert, opts.key`](#https-opts) + * [`opts.maxSockets`](#opts-max-sockets) + * [`opts.retry`](#opts-retry) + * [`opts.onRetry`](#opts-onretry) + * [`opts.integrity`](#opts-integrity) +* [Message From Our Sponsors](#wow) + +### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' // path where cache will be written (and read) +}) + +fetch('https://registry.npmjs.org/make-fetch-happen').then(res => { + return res.json() // download the body as JSON +}).then(body => { + console.log(`got ${body.name} from web`) + return fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'no-cache' // forces a conditional request + }) +}).then(res => { + console.log(res.status) // 304! cache validated! + return res.json().then(body => { + console.log(`got ${body.name} from cache`) + }) +}) +``` + +### Features + +* Builds around [`node-fetch`](https://npm.im/node-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation +* Request pooling out of the box +* Quite fast, really +* Automatic HTTP-semantics-aware request retries +* Cache-fallback automatic "offline mode" +* Proxy support (http, https, socks, socks4, socks5) +* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc). +* Customize cache storage with any [Cache API](https://developer.mozilla.org/en-US/docs/Web/API/Cache)-compliant `Cache` instance. Cache to Redis! +* Node.js Stream support +* Transparent gzip and deflate support +* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support +* Literally punches nazis +* (PENDING) Range request caching and resuming + +### Contributing + +The make-fetch-happen team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(uriOrRequest, [opts]) -> Promise` + +This function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response. + +If `opts` is provided, the [`node-fetch`-specific options](#node-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more. + +##### Example + +```javascript +fetch('https://google.com').then(res => res.buffer()) +``` + +#### `> fetch.defaults([defaultUrl], [defaultOpts])` + +Returns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls. + +A defaulted `fetch` will also have a `.defaults()` method, so they can be chained. + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-local-cache' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache +``` + +#### `> node-fetch options` + +The following options for `node-fetch` are used as-is: + +* method +* body +* redirect +* follow +* timeout +* compress +* size + +These other options are modified or augmented by make-fetch-happen: + +* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`. +* agent + * If agent is null, an http or https Agent will be automatically used. By default, these will be `http.globalAgent` and `https.globalAgent`. + * If [`opts.proxy`](#opts-proxy) is provided and `opts.agent` is null, the agent will be set to an appropriate proxy-handling agent. + * If `opts.agent` is an object, it will be used as the request-pooling agent argument for this request. + * If `opts.agent` is `false`, it will be passed as-is to the underlying request library. This causes a new Agent to be spawned for every request. + +For more details, see [the documentation for `node-fetch` itself](https://github.com/bitinn/node-fetch#options). + +#### `> make-fetch-happen options` + +make-fetch-happen augments the `node-fetch` API with additional features available through extra options. The following extra options are available: + +* [`opts.cacheManager`](#opts-cache-manager) - Cache target to read/write +* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*. +* [`opts.proxy`](#opts-proxy) - Proxy agent +* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for. +* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts) +* [`opts.localAddress`](#opts-local-address) +* [`opts.maxSockets`](#opts-max-sockets) +* [`opts.retry`](#opts-retry) - Request retry settings +* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted +* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. + +#### `> opts.cacheManager` + +Either a `String` or a `Cache`. If the former, it will be assumed to be a `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache). + +If an object is provided, it will be assumed to be a compliant [`Cache` instance](https://developer.mozilla.org/en-US/docs/Web/API/Cache). Only `Cache.match()`, `Cache.put()`, and `Cache.delete()` are required. Options objects will not be passed in to `match()` or `delete()`. + +By implementing this API, you can customize the storage backend for make-fetch-happen itself -- for example, you could implement a cache that uses `redis` for caching, or simply keeps everything in memory. Most of the caching logic exists entirely on the make-fetch-happen side, so the only thing you need to worry about is reading, writing, and deleting, as well as making sure `fetch.Response` objects are what gets returned. + +You can refer to `cache.js` in the make-fetch-happen source code for a reference implementation. + +**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written. + +The default cache manager also adds the following headers to cached responses: + +* `X-Local-Cache`: Path to the cache the content was found in +* `X-Local-Cache-Key`: Unique cache entry key for this response +* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry +* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry + +Using [`cacache`](https://npm.im/cacache), a call like this may be used to +manually fetch the cached entry: + +```javascript +const h = response.headers +cacache.get(h.get('x-local-cache'), h.get('x-local-cache-key')) + +// grab content only, directly: +cacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash')) +``` + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + cacheManager: './my-local-cache' +}) // -> 200-level response will be written to disk + +fetch('https://npm.im/cacache', { + cacheManager: new MyCustomRedisCache(process.env.PORT) +}) // -> 200-level response will be written to redis +``` + +A possible (minimal) implementation for `MyCustomRedisCache`: + +```javascript +const bluebird = require('bluebird') +const redis = require("redis") +bluebird.promisifyAll(redis.RedisClient.prototype) +class MyCustomRedisCache { + constructor (opts) { + this.redis = redis.createClient(opts) + } + match (req) { + return this.redis.getAsync(req.url).then(res => { + if (res) { + const parsed = JSON.parse(res) + return new fetch.Response(parsed.body, { + url: req.url, + headers: parsed.headers, + status: 200 + }) + } + }) + } + put (req, res) { + return res.buffer().then(body => { + return this.redis.setAsync(req.url, JSON.stringify({ + body: body, + headers: res.headers.raw() + })) + }).then(() => { + // return the response itself + return res + }) + } + 'delete' (req) { + return this.redis.unlinkAsync(req.url) + } +} +``` + +#### `> opts.cache` + +This option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cacheManager`](#opts-cache-manager) is null. The following values are accepted (as strings): + +* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned. +* `no-store` - Fetch behaves as if there is no HTTP cache at all. +* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response. +* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response. +* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response. +* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is "same-origin". Any cached redirects will be followed assuming request’s redirect mode is "follow" and the redirects do not violate request’s mode.) + +(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch) + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' +}) + +// Will error with ENOTCACHED if we haven't already cached this url +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'only-if-cached' +}) + +// Will refresh any local content and cache the new response +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'reload' +}) + +// Will use any local data, even if stale. Otherwise, will hit network. +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'force-cache' +}) +``` + +#### `> opts.proxy` + +A string or `url.parse`-d URI to proxy through. Different Proxy handlers will be +used depending on the proxy's protocol. + +Additionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and +`process.env.PROXY` are used if present and no `opts.proxy` value is provided. + +(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: 'https://corporate.yourcompany.proxy:4445' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: { + protocol: 'https:', + hostname: 'corporate.yourcompany.proxy', + port: 4445 + } +}) +``` + +#### `> opts.noProxy` + +If present, should be a comma-separated string or an array of domain extensions +that a proxy should _not_ be used for. + +This option may also be provided through `process.env.NO_PROXY`. + +#### `> opts.ca, opts.cert, opts.key, opts.strictSSL` + +These values are passed in directly to the HTTPS agent and will be used for both +proxied and unproxied outgoing HTTPS requests. They mostly correspond to the +same options the `https` module accepts, which will be themselves passed to +`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`. + +#### `> opts.localAddress` + +Passed directly to `http` and `https` request calls. Determines the local +address to bind to. + +#### `> opts.maxSockets` + +Default: 15 + +Maximum number of active concurrent sockets to use for the underlying +Http/Https/Proxy agents. This setting applies once per spawned agent. + +15 is probably a _pretty good value_ for most use-cases, and balances speed +with, uh, not knocking out people's routers. 🤓 + +#### `> opts.retry` + +An object that can be used to tune request retry settings. Retries will only be attempted on the following conditions: + +* Request method is NOT `POST` AND +* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR +* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`. + +The following are worth noting as explicitly not retried: + +* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately. +* `ECONNRESET` currently has no support for restarting. It will eventually be supported but requires a bit more juggling due to streaming. + +If `opts.retry` is `false`, it is equivalent to `{retries: 0}` + +If `opts.retry` is a number, it is equivalent to `{retries: num}` + +The following retry options are available if you want more control over it: + +* retries +* factor +* minTimeout +* maxTimeout +* randomize + +For details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + retry: { + retries: 10, + randomize: true + } +}) + +fetch('http://reliable.site.com', { + retry: false +}) + +fetch('http://one-more.site.com', { + retry: 3 +}) +``` + +#### `> opts.onRetry` + +A function called whenever a retry is attempted. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + onRetry() { + console.log('we will retry!') + } +}) +``` + +#### `> opts.integrity` + +Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error. + +`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // -> ok + +fetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // Error: EINTEGRITY +``` + +### Message From Our Sponsors + +![](stop.gif) + +![](happening.gif) diff --git a/node_modules/libnpmpublish/node_modules/make-fetch-happen/agent.js b/node_modules/libnpmpublish/node_modules/make-fetch-happen/agent.js new file mode 100644 index 0000000000000..55675946ad97d --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/make-fetch-happen/agent.js @@ -0,0 +1,171 @@ +'use strict' +const LRU = require('lru-cache') +const url = require('url') + +let AGENT_CACHE = new LRU({ max: 50 }) +let HttpsAgent +let HttpAgent + +module.exports = getAgent + +function getAgent (uri, opts) { + const parsedUri = url.parse(typeof uri === 'string' ? uri : uri.url) + const isHttps = parsedUri.protocol === 'https:' + const pxuri = getProxyUri(uri, opts) + + const key = [ + `https:${isHttps}`, + pxuri + ? `proxy:${pxuri.protocol}//${pxuri.host}:${pxuri.port}` + : '>no-proxy<', + `local-address:${opts.localAddress || '>no-local-address<'}`, + `strict-ssl:${isHttps ? !!opts.strictSSL : '>no-strict-ssl<'}`, + `ca:${(isHttps && opts.ca) || '>no-ca<'}`, + `cert:${(isHttps && opts.cert) || '>no-cert<'}`, + `key:${(isHttps && opts.key) || '>no-key<'}` + ].join(':') + + if (opts.agent != null) { // `agent: false` has special behavior! + return opts.agent + } + + if (AGENT_CACHE.peek(key)) { + return AGENT_CACHE.get(key) + } + + if (pxuri) { + const proxy = getProxy(pxuri, opts, isHttps) + AGENT_CACHE.set(key, proxy) + return proxy + } + + if (isHttps && !HttpsAgent) { + HttpsAgent = require('agentkeepalive').HttpsAgent + } else if (!isHttps && !HttpAgent) { + HttpAgent = require('agentkeepalive') + } + + // If opts.timeout is zero, set the agentTimeout to zero as well. A timeout + // of zero disables the timeout behavior (OS limits still apply). Else, if + // opts.timeout is a non-zero value, set it to timeout + 1, to ensure that + // the node-fetch-npm timeout will always fire first, giving us more + // consistent errors. + const agentTimeout = opts.timeout === 0 ? 0 : opts.timeout + 1 + + const agent = isHttps ? new HttpsAgent({ + maxSockets: opts.maxSockets || 15, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + localAddress: opts.localAddress, + rejectUnauthorized: opts.strictSSL, + timeout: agentTimeout + }) : new HttpAgent({ + maxSockets: opts.maxSockets || 15, + localAddress: opts.localAddress, + timeout: agentTimeout + }) + AGENT_CACHE.set(key, agent) + return agent +} + +function checkNoProxy (uri, opts) { + const host = url.parse(uri).hostname.split('.').reverse() + let noproxy = (opts.noProxy || getProcessEnv('no_proxy')) + if (typeof noproxy === 'string') { + noproxy = noproxy.split(/\s*,\s*/g) + } + return noproxy && noproxy.some(no => { + const noParts = no.split('.').filter(x => x).reverse() + if (!noParts.length) { return false } + for (let i = 0; i < noParts.length; i++) { + if (host[i] !== noParts[i]) { + return false + } + } + return true + }) +} + +module.exports.getProcessEnv = getProcessEnv + +function getProcessEnv (env) { + if (!env) { return } + + let value + + if (Array.isArray(env)) { + for (let e of env) { + value = process.env[e] || + process.env[e.toUpperCase()] || + process.env[e.toLowerCase()] + if (typeof value !== 'undefined') { break } + } + } + + if (typeof env === 'string') { + value = process.env[env] || + process.env[env.toUpperCase()] || + process.env[env.toLowerCase()] + } + + return value +} + +function getProxyUri (uri, opts) { + const protocol = url.parse(uri).protocol + + const proxy = opts.proxy || ( + protocol === 'https:' && getProcessEnv('https_proxy') + ) || ( + protocol === 'http:' && getProcessEnv(['https_proxy', 'http_proxy', 'proxy']) + ) + if (!proxy) { return null } + + const parsedProxy = (typeof proxy === 'string') ? url.parse(proxy) : proxy + + return !checkNoProxy(uri, opts) && parsedProxy +} + +let HttpProxyAgent +let HttpsProxyAgent +let SocksProxyAgent +function getProxy (proxyUrl, opts, isHttps) { + let popts = { + host: proxyUrl.hostname, + port: proxyUrl.port, + protocol: proxyUrl.protocol, + path: proxyUrl.path, + auth: proxyUrl.auth, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + timeout: opts.timeout === 0 ? 0 : opts.timeout + 1, + localAddress: opts.localAddress, + maxSockets: opts.maxSockets || 15, + rejectUnauthorized: opts.strictSSL + } + + if (proxyUrl.protocol === 'http:' || proxyUrl.protocol === 'https:') { + if (!isHttps) { + if (!HttpProxyAgent) { + HttpProxyAgent = require('http-proxy-agent') + } + + return new HttpProxyAgent(popts) + } else { + if (!HttpsProxyAgent) { + HttpsProxyAgent = require('https-proxy-agent') + } + + return new HttpsProxyAgent(popts) + } + } + if (proxyUrl.protocol.startsWith('socks')) { + if (!SocksProxyAgent) { + SocksProxyAgent = require('socks-proxy-agent') + } + + return new SocksProxyAgent(popts) + } +} diff --git a/node_modules/libnpmpublish/node_modules/make-fetch-happen/cache.js b/node_modules/libnpmpublish/node_modules/make-fetch-happen/cache.js new file mode 100644 index 0000000000000..0c519e69fbe81 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/make-fetch-happen/cache.js @@ -0,0 +1,249 @@ +'use strict' + +const cacache = require('cacache') +const fetch = require('node-fetch-npm') +const pipe = require('mississippi').pipe +const ssri = require('ssri') +const through = require('mississippi').through +const to = require('mississippi').to +const url = require('url') +const stream = require('stream') + +const MAX_MEM_SIZE = 5 * 1024 * 1024 // 5MB + +function cacheKey (req) { + const parsed = url.parse(req.url) + return `make-fetch-happen:request-cache:${ + url.format({ + protocol: parsed.protocol, + slashes: parsed.slashes, + host: parsed.host, + hostname: parsed.hostname, + pathname: parsed.pathname + }) + }` +} + +// This is a cacache-based implementation of the Cache standard, +// using node-fetch. +// docs: https://developer.mozilla.org/en-US/docs/Web/API/Cache +// +module.exports = class Cache { + constructor (path, opts) { + this._path = path + this._uid = opts && opts.uid + this._gid = opts && opts.gid + this.Promise = (opts && opts.Promise) || Promise + } + + // Returns a Promise that resolves to the response associated with the first + // matching request in the Cache object. + match (req, opts) { + opts = opts || {} + const key = cacheKey(req) + return cacache.get.info(this._path, key).then(info => { + return info && cacache.get.hasContent( + this._path, info.integrity, opts + ).then(exists => exists && info) + }).then(info => { + if (info && info.metadata && matchDetails(req, { + url: info.metadata.url, + reqHeaders: new fetch.Headers(info.metadata.reqHeaders), + resHeaders: new fetch.Headers(info.metadata.resHeaders), + cacheIntegrity: info.integrity, + integrity: opts && opts.integrity + })) { + const resHeaders = new fetch.Headers(info.metadata.resHeaders) + addCacheHeaders(resHeaders, this._path, key, info.integrity, info.time) + if (req.method === 'HEAD') { + return new fetch.Response(null, { + url: req.url, + headers: resHeaders, + status: 200 + }) + } + let body + const cachePath = this._path + // avoid opening cache file handles until a user actually tries to + // read from it. + if (opts.memoize !== false && info.size > MAX_MEM_SIZE) { + body = new stream.PassThrough() + const realRead = body._read + body._read = function (size) { + body._read = realRead + pipe( + cacache.get.stream.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }), + body, + err => body.emit(err)) + return realRead.call(this, size) + } + } else { + let readOnce = false + // cacache is much faster at bulk reads + body = new stream.Readable({ + read () { + if (readOnce) return this.push(null) + readOnce = true + cacache.get.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }).then(data => { + this.push(data) + this.push(null) + }, err => this.emit('error', err)) + } + }) + } + return this.Promise.resolve(new fetch.Response(body, { + url: req.url, + headers: resHeaders, + status: 200, + size: info.size + })) + } + }) + } + + // Takes both a request and its response and adds it to the given cache. + put (req, response, opts) { + opts = opts || {} + const size = response.headers.get('content-length') + const fitInMemory = !!size && opts.memoize !== false && size < MAX_MEM_SIZE + const ckey = cacheKey(req) + const cacheOpts = { + algorithms: opts.algorithms, + metadata: { + url: req.url, + reqHeaders: req.headers.raw(), + resHeaders: response.headers.raw() + }, + uid: this._uid, + gid: this._gid, + size, + memoize: fitInMemory && opts.memoize + } + if (req.method === 'HEAD' || response.status === 304) { + // Update metadata without writing + return cacache.get.info(this._path, ckey).then(info => { + // Providing these will bypass content write + cacheOpts.integrity = info.integrity + addCacheHeaders( + response.headers, this._path, ckey, info.integrity, info.time + ) + return new this.Promise((resolve, reject) => { + pipe( + cacache.get.stream.byDigest(this._path, info.integrity, cacheOpts), + cacache.put.stream(this._path, cacheKey(req), cacheOpts), + err => err ? reject(err) : resolve(response) + ) + }) + }).then(() => response) + } + let buf = [] + let bufSize = 0 + let cacheTargetStream = false + const cachePath = this._path + let cacheStream = to((chunk, enc, cb) => { + if (!cacheTargetStream) { + if (fitInMemory) { + cacheTargetStream = + to({highWaterMark: MAX_MEM_SIZE}, (chunk, enc, cb) => { + buf.push(chunk) + bufSize += chunk.length + cb() + }, done => { + cacache.put( + cachePath, + cacheKey(req), + Buffer.concat(buf, bufSize), + cacheOpts + ).then( + () => done(), + done + ) + }) + } else { + cacheTargetStream = + cacache.put.stream(cachePath, cacheKey(req), cacheOpts) + } + } + cacheTargetStream.write(chunk, enc, cb) + }, done => { + cacheTargetStream ? cacheTargetStream.end(done) : done() + }) + const oldBody = response.body + const newBody = through({highWaterMark: fitInMemory && MAX_MEM_SIZE}) + response.body = newBody + oldBody.once('error', err => newBody.emit('error', err)) + newBody.once('error', err => oldBody.emit('error', err)) + cacheStream.once('error', err => newBody.emit('error', err)) + pipe(oldBody, to((chunk, enc, cb) => { + cacheStream.write(chunk, enc, () => { + newBody.write(chunk, enc, cb) + }) + }, done => { + cacheStream.end(() => { + newBody.end(() => { + done() + }) + }) + }), err => err && newBody.emit('error', err)) + return response + } + + // Finds the Cache entry whose key is the request, and if found, deletes the + // Cache entry and returns a Promise that resolves to true. If no Cache entry + // is found, it returns false. + 'delete' (req, opts) { + opts = opts || {} + if (typeof opts.memoize === 'object') { + if (opts.memoize.reset) { + opts.memoize.reset() + } else if (opts.memoize.clear) { + opts.memoize.clear() + } else { + Object.keys(opts.memoize).forEach(k => { + opts.memoize[k] = null + }) + } + } + return cacache.rm.entry( + this._path, + cacheKey(req) + // TODO - true/false + ).then(() => false) + } +} + +function matchDetails (req, cached) { + const reqUrl = url.parse(req.url) + const cacheUrl = url.parse(cached.url) + const vary = cached.resHeaders.get('Vary') + // https://tools.ietf.org/html/rfc7234#section-4.1 + if (vary) { + if (vary.match(/\*/)) { + return false + } else { + const fieldsMatch = vary.split(/\s*,\s*/).every(field => { + return cached.reqHeaders.get(field) === req.headers.get(field) + }) + if (!fieldsMatch) { + return false + } + } + } + if (cached.integrity) { + return ssri.parse(cached.integrity).match(cached.cacheIntegrity) + } + reqUrl.hash = null + cacheUrl.hash = null + return url.format(reqUrl) === url.format(cacheUrl) +} + +function addCacheHeaders (resHeaders, path, key, hash, time) { + resHeaders.set('X-Local-Cache', encodeURIComponent(path)) + resHeaders.set('X-Local-Cache-Key', encodeURIComponent(key)) + resHeaders.set('X-Local-Cache-Hash', encodeURIComponent(hash)) + resHeaders.set('X-Local-Cache-Time', new Date(time).toUTCString()) +} diff --git a/node_modules/libnpmpublish/node_modules/make-fetch-happen/index.js b/node_modules/libnpmpublish/node_modules/make-fetch-happen/index.js new file mode 100644 index 0000000000000..0f2c164e19f28 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/make-fetch-happen/index.js @@ -0,0 +1,482 @@ +'use strict' + +let Cache +const url = require('url') +const CachePolicy = require('http-cache-semantics') +const fetch = require('node-fetch-npm') +const pkg = require('./package.json') +const retry = require('promise-retry') +let ssri +const Stream = require('stream') +const getAgent = require('./agent') +const setWarning = require('./warning') + +const isURL = /^https?:/ +const USER_AGENT = `${pkg.name}/${pkg.version} (+https://npm.im/${pkg.name})` + +const RETRY_ERRORS = [ + 'ECONNRESET', // remote socket closed on us + 'ECONNREFUSED', // remote host refused to open connection + 'EADDRINUSE', // failed to bind to a local port (proxy?) + 'ETIMEDOUT' // someone in the transaction is WAY TOO SLOW + // Known codes we do NOT retry on: + // ENOTFOUND (getaddrinfo failure. Either bad hostname, or offline) +] + +const RETRY_TYPES = [ + 'request-timeout' +] + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +module.exports = cachingFetch +cachingFetch.defaults = function (_uri, _opts) { + const fetch = this + if (typeof _uri === 'object') { + _opts = _uri + _uri = null + } + + function defaultedFetch (uri, opts) { + const finalOpts = Object.assign({}, _opts || {}, opts || {}) + return fetch(uri || _uri, finalOpts) + } + + defaultedFetch.defaults = fetch.defaults + defaultedFetch.delete = fetch.delete + return defaultedFetch +} + +cachingFetch.delete = cacheDelete +function cacheDelete (uri, opts) { + opts = configureOptions(opts) + if (opts.cacheManager) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + return opts.cacheManager.delete(req, opts) + } +} + +function initializeCache (opts) { + if (typeof opts.cacheManager === 'string') { + if (!Cache) { + // Default cacache-based cache + Cache = require('./cache') + } + + opts.cacheManager = new Cache(opts.cacheManager, opts) + } + + opts.cache = opts.cache || 'default' + + if (opts.cache === 'default' && isHeaderConditional(opts.headers)) { + // If header list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, fetch will set cache + // mode to "no-store" if it is "default". + opts.cache = 'no-store' + } +} + +function configureOptions (_opts) { + const opts = Object.assign({}, _opts || {}) + opts.method = (opts.method || 'GET').toUpperCase() + + if (opts.retry && typeof opts.retry === 'number') { + opts.retry = { retries: opts.retry } + } + + if (opts.retry === false) { + opts.retry = { retries: 0 } + } + + if (opts.cacheManager) { + initializeCache(opts) + } + + return opts +} + +function initializeSsri () { + if (!ssri) { + ssri = require('ssri') + } +} + +function cachingFetch (uri, _opts) { + const opts = configureOptions(_opts) + + if (opts.integrity) { + initializeSsri() + // if verifying integrity, node-fetch must not decompress + opts.compress = false + } + + const isCachable = (opts.method === 'GET' || opts.method === 'HEAD') && + opts.cacheManager && + opts.cache !== 'no-store' && + opts.cache !== 'reload' + + if (isCachable) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + + return opts.cacheManager.match(req, opts).then(res => { + if (res) { + const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) + if (warningCode && +warningCode >= 100 && +warningCode < 200) { + // https://tools.ietf.org/html/rfc7234#section-4.3.4 + // + // If a stored response is selected for update, the cache MUST: + // + // * delete any Warning header fields in the stored response with + // warn-code 1xx (see Section 5.5); + // + // * retain any Warning header fields in the stored response with + // warn-code 2xx; + // + res.headers.delete('Warning') + } + + if (opts.cache === 'default' && !isStale(req, res)) { + return res + } + + if (opts.cache === 'default' || opts.cache === 'no-cache') { + return conditionalFetch(req, res, opts) + } + + if (opts.cache === 'force-cache' || opts.cache === 'only-if-cached') { + // 112 Disconnected operation + // SHOULD be included if the cache is intentionally disconnected from + // the rest of the network for a period of time. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(res, 112, 'Disconnected operation') + return res + } + } + + if (!res && opts.cache === 'only-if-cached') { + const errorMsg = `request to ${ + uri + } failed: cache mode is 'only-if-cached' but no cached response available.` + + const err = new Error(errorMsg) + err.code = 'ENOTCACHED' + throw err + } + + // Missing cache entry, or mode is default (if stale), reload, no-store + return remoteFetch(req.url, opts) + }) + } + + return remoteFetch(uri, opts) +} + +function iterableToObject (iter) { + const obj = {} + for (let k of iter.keys()) { + obj[k] = iter.get(k) + } + return obj +} + +function makePolicy (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + const _res = { + status: res.status, + headers: iterableToObject(res.headers) + } + + return new CachePolicy(_req, _res, { shared: false }) +} + +// https://tools.ietf.org/html/rfc7234#section-4.2 +function isStale (req, res) { + if (!res) { + return null + } + + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + + const policy = makePolicy(req, res) + + const responseTime = res.headers.get('x-local-cache-time') || + res.headers.get('date') || + 0 + + policy._responseTime = new Date(responseTime) + + const bool = !policy.satisfiesWithoutRevalidation(_req) + return bool +} + +function mustRevalidate (res) { + return (res.headers.get('cache-control') || '').match(/must-revalidate/i) +} + +function conditionalFetch (req, cachedRes, opts) { + const _req = { + url: req.url, + method: req.method, + headers: Object.assign({}, opts.headers || {}) + } + + const policy = makePolicy(req, cachedRes) + opts.headers = policy.revalidationHeaders(_req) + + return remoteFetch(req.url, opts) + .then(condRes => { + const revalidatedPolicy = policy.revalidatedPolicy(_req, { + status: condRes.status, + headers: iterableToObject(condRes.headers) + }) + + if (condRes.status >= 500 && !mustRevalidate(cachedRes)) { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + return cachedRes + } + + if (condRes.status === 304) { // 304 Not Modified + condRes.body = cachedRes.body + return opts.cacheManager.put(req, condRes, opts) + .then(newRes => { + newRes.headers = new fetch.Headers(revalidatedPolicy.policy.responseHeaders()) + return newRes + }) + } + + return condRes + }) + .then(res => res) + .catch(err => { + if (mustRevalidate(cachedRes)) { + throw err + } else { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + // 199 Miscellaneous warning + // The warning text MAY include arbitrary information to be presented to + // a human user, or logged. A system receiving this warning MUST NOT take + // any automated action, besides presenting the warning to the user. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning( + cachedRes, + 199, + `Miscellaneous Warning ${err.code}: ${err.message}` + ) + + return cachedRes + } + }) +} + +function remoteFetchHandleIntegrity (res, integrity) { + const oldBod = res.body + const newBod = ssri.integrityStream({ + integrity + }) + oldBod.pipe(newBod) + res.body = newBod + oldBod.once('error', err => { + newBod.emit('error', err) + }) + newBod.once('error', err => { + oldBod.emit('error', err) + }) +} + +function remoteFetch (uri, opts) { + const agent = getAgent(uri, opts) + const headers = Object.assign({ + 'connection': agent ? 'keep-alive' : 'close', + 'user-agent': USER_AGENT + }, opts.headers || {}) + + const reqOpts = { + agent, + body: opts.body, + compress: opts.compress, + follow: opts.follow, + headers: new fetch.Headers(headers), + method: opts.method, + redirect: 'manual', + size: opts.size, + counter: opts.counter, + timeout: opts.timeout + } + + return retry( + (retryHandler, attemptNum) => { + const req = new fetch.Request(uri, reqOpts) + return fetch(req) + .then(res => { + res.headers.set('x-fetch-attempts', attemptNum) + + if (opts.integrity) { + remoteFetchHandleIntegrity(res, opts.integrity) + } + + const isStream = req.body instanceof Stream + + if (opts.cacheManager) { + const isMethodGetHead = req.method === 'GET' || + req.method === 'HEAD' + + const isCachable = opts.cache !== 'no-store' && + isMethodGetHead && + makePolicy(req, res).storable() && + res.status === 200 // No other statuses should be stored! + + if (isCachable) { + return opts.cacheManager.put(req, res, opts) + } + + if (!isMethodGetHead) { + return opts.cacheManager.delete(req).then(() => { + if (res.status >= 500 && req.method !== 'POST' && !isStream) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + return res + }) + } + } + + const isRetriable = req.method !== 'POST' && + !isStream && ( + res.status === 408 || // Request Timeout + res.status === 420 || // Enhance Your Calm (usually Twitter rate-limit) + res.status === 429 || // Too Many Requests ("standard" rate-limiting) + res.status >= 500 // Assume server errors are momentary hiccups + ) + + if (isRetriable) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + if (!fetch.isRedirect(res.status) || opts.redirect === 'manual') { + return res + } + + // handle redirects - matches behavior of npm-fetch: https://github.com/bitinn/node-fetch + if (opts.redirect === 'error') { + const err = new Error(`redirect mode is set to error: ${uri}`) + err.code = 'ENOREDIRECT' + throw err + } + + if (!res.headers.get('location')) { + const err = new Error(`redirect location header missing at: ${uri}`) + err.code = 'EINVALIDREDIRECT' + throw err + } + + if (req.counter >= req.follow) { + const err = new Error(`maximum redirect reached at: ${uri}`) + err.code = 'EMAXREDIRECT' + throw err + } + + const resolvedUrl = url.resolve(req.url, res.headers.get('location')) + let redirectURL = url.parse(resolvedUrl) + + if (isURL.test(res.headers.get('location'))) { + redirectURL = url.parse(res.headers.get('location')) + } + + // Remove authorization if changing hostnames (but not if just + // changing ports or protocols). This matches the behavior of request: + // https://github.com/request/request/blob/b12a6245/lib/redirect.js#L134-L138 + if (url.parse(req.url).hostname !== redirectURL.hostname) { + req.headers.delete('authorization') + } + + // for POST request with 301/302 response, or any request with 303 response, + // use GET when following redirect + if (res.status === 303 || + ((res.status === 301 || res.status === 302) && req.method === 'POST')) { + opts.method = 'GET' + opts.body = null + req.headers.delete('content-length') + } + + opts.headers = {} + req.headers.forEach((value, name) => { + opts.headers[name] = value + }) + + opts.counter = ++req.counter + return cachingFetch(resolvedUrl, opts) + }) + .catch(err => { + const code = err.code === 'EPROMISERETRY' ? err.retried.code : err.code + + const isRetryError = RETRY_ERRORS.indexOf(code) === -1 && + RETRY_TYPES.indexOf(err.type) === -1 + + if (req.method === 'POST' || isRetryError) { + throw err + } + + if (typeof opts.onRetry === 'function') { + opts.onRetry(err) + } + + return retryHandler(err) + }) + }, + opts.retry + ).catch(err => { + if (err.status >= 400) { + return err + } + + throw err + }) +} + +function isHeaderConditional (headers) { + if (!headers || typeof headers !== 'object') { + return false + } + + const modifiers = [ + 'if-modified-since', + 'if-none-match', + 'if-unmodified-since', + 'if-match', + 'if-range' + ] + + return Object.keys(headers) + .some(h => modifiers.indexOf(h.toLowerCase()) !== -1) +} diff --git a/node_modules/libnpmpublish/node_modules/make-fetch-happen/package.json b/node_modules/libnpmpublish/node_modules/make-fetch-happen/package.json new file mode 100644 index 0000000000000..d5abc57173262 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/make-fetch-happen/package.json @@ -0,0 +1,94 @@ +{ + "_from": "make-fetch-happen@^4.0.2", + "_id": "make-fetch-happen@4.0.2", + "_inBundle": false, + "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "_location": "/libnpmpublish/make-fetch-happen", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "make-fetch-happen@^4.0.2", + "name": "make-fetch-happen", + "escapedName": "make-fetch-happen", + "rawSpec": "^4.0.2", + "saveSpec": null, + "fetchSpec": "^4.0.2" + }, + "_requiredBy": [ + "/libnpmpublish/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", + "_spec": "make-fetch-happen@^4.0.2", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmpublish/node_modules/npm-registry-fetch", + "author": { + "name": "Kat Marchán", + "email": "kzm@zkat.tech" + }, + "bugs": { + "url": "https://github.com/zkat/make-fetch-happen/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + }, + "deprecated": false, + "description": "Opinionated, caching, retrying fetch client", + "devDependencies": { + "bluebird": "^3.5.1", + "mkdirp": "^0.5.1", + "nock": "^9.2.3", + "npmlog": "^4.1.2", + "require-inject": "^1.4.2", + "rimraf": "^2.6.2", + "safe-buffer": "^5.1.1", + "standard": "^11.0.1", + "standard-version": "^4.3.0", + "tacks": "^1.2.6", + "tap": "^12.7.0", + "weallbehave": "^1.0.0", + "weallcontribute": "^1.0.7" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/zkat/make-fetch-happen#readme", + "keywords": [ + "http", + "request", + "fetch", + "mean girls", + "caching", + "cache", + "subresource integrity" + ], + "license": "ISC", + "main": "index.js", + "name": "make-fetch-happen", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/make-fetch-happen.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap --coverage --nyc-arg=--all --timeout=35 -J test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmpublish/node_modules/make-fetch-happen/warning.js b/node_modules/libnpmpublish/node_modules/make-fetch-happen/warning.js new file mode 100644 index 0000000000000..b8f13cf83195a --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/make-fetch-happen/warning.js @@ -0,0 +1,24 @@ +const url = require('url') + +module.exports = setWarning + +function setWarning (reqOrRes, code, message, replace) { + // Warning = "Warning" ":" 1#warning-value + // warning-value = warn-code SP warn-agent SP warn-text [SP warn-date] + // warn-code = 3DIGIT + // warn-agent = ( host [ ":" port ] ) | pseudonym + // ; the name or pseudonym of the server adding + // ; the Warning header, for use in debugging + // warn-text = quoted-string + // warn-date = <"> HTTP-date <"> + // (https://tools.ietf.org/html/rfc2616#section-14.46) + const host = url.parse(reqOrRes.url).host + const jsonMessage = JSON.stringify(message) + const jsonDate = JSON.stringify(new Date().toUTCString()) + const header = replace ? 'set' : 'append' + + reqOrRes.headers[header]( + 'Warning', + `${code} ${host} ${jsonMessage} ${jsonDate}` + ) +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..d24e026914c23 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,214 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..7fe5dacc94362 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,98 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gid': {}, + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'uid': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..4ba3c19243471 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,193 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout, + uid: opts.uid, + gid: opts.gid + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..4302bfc690cb6 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^3.8.0", + "_id": "npm-registry-fetch@3.9.1", + "_inBundle": false, + "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_location": "/libnpmpublish/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^3.8.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^3.8.0", + "saveSpec": null, + "fetchSpec": "^3.8.0" + }, + "_requiredBy": [ + "/libnpmpublish" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", + "_spec": "npm-registry-fetch@^3.8.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmpublish", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^11.3.3", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.9.1" +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmsearch/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/libnpmsearch/node_modules/make-fetch-happen/CHANGELOG.md new file mode 100644 index 0000000000000..a446842f55d80 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/make-fetch-happen/CHANGELOG.md @@ -0,0 +1,555 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [4.0.2](https://github.com/zkat/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) + + + + +## [4.0.1](https://github.com/zkat/make-fetch-happen/compare/v4.0.0...v4.0.1) (2018-04-12) + + +### Bug Fixes + +* **integrity:** use new sri.match() for verification ([4f371a0](https://github.com/zkat/make-fetch-happen/commit/4f371a0)) + + + + +# [4.0.0](https://github.com/zkat/make-fetch-happen/compare/v3.0.0...v4.0.0) (2018-04-09) + + +### meta + +* drop node@4, add node@9 ([7b0191a](https://github.com/zkat/make-fetch-happen/commit/7b0191a)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +# [3.0.0](https://github.com/zkat/make-fetch-happen/compare/v2.6.0...v3.0.0) (2018-03-12) + + +### Bug Fixes + +* **license:** switch to ISC ([#49](https://github.com/zkat/make-fetch-happen/issues/49)) ([bf90c6d](https://github.com/zkat/make-fetch-happen/commit/bf90c6d)) +* **standard:** standard@11 update ([ff0aa70](https://github.com/zkat/make-fetch-happen/commit/ff0aa70)) + + +### BREAKING CHANGES + +* **license:** license changed from CC0 to ISC. + + + + +# [2.6.0](https://github.com/zkat/make-fetch-happen/compare/v2.5.0...v2.6.0) (2017-11-14) + + +### Bug Fixes + +* **integrity:** disable node-fetch compress when checking integrity (#42) ([a7cc74c](https://github.com/zkat/make-fetch-happen/commit/a7cc74c)) + + +### Features + +* **onretry:** Add `options.onRetry` (#48) ([f90ccff](https://github.com/zkat/make-fetch-happen/commit/f90ccff)) + + + + +# [2.5.0](https://github.com/zkat/make-fetch-happen/compare/v2.4.13...v2.5.0) (2017-08-24) + + +### Bug Fixes + +* **agent:** support timeout durations greater than 30 seconds ([04875ae](https://github.com/zkat/make-fetch-happen/commit/04875ae)), closes [#35](https://github.com/zkat/make-fetch-happen/issues/35) + + +### Features + +* **cache:** export cache deletion functionality (#40) ([3da4250](https://github.com/zkat/make-fetch-happen/commit/3da4250)) + + + + +## [2.4.13](https://github.com/zkat/make-fetch-happen/compare/v2.4.12...v2.4.13) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump other deps for bugfixes ([eab8297](https://github.com/zkat/make-fetch-happen/commit/eab8297)) +* **proxy:** bump proxy deps with bugfixes (#32) ([632f860](https://github.com/zkat/make-fetch-happen/commit/632f860)), closes [#32](https://github.com/zkat/make-fetch-happen/issues/32) + + + + +## [2.4.12](https://github.com/zkat/make-fetch-happen/compare/v2.4.11...v2.4.12) (2017-06-06) + + +### Bug Fixes + +* **cache:** encode x-local-cache-etc headers to be header-safe ([dc9fb1b](https://github.com/zkat/make-fetch-happen/commit/dc9fb1b)) + + + + +## [2.4.11](https://github.com/zkat/make-fetch-happen/compare/v2.4.10...v2.4.11) (2017-06-05) + + +### Bug Fixes + +* **deps:** bump deps with ssri fix ([bef1994](https://github.com/zkat/make-fetch-happen/commit/bef1994)) + + + + +## [2.4.10](https://github.com/zkat/make-fetch-happen/compare/v2.4.9...v2.4.10) (2017-05-31) + + +### Bug Fixes + +* **deps:** bump dep versions with bugfixes ([0af4003](https://github.com/zkat/make-fetch-happen/commit/0af4003)) +* **proxy:** use auth parameter for proxy authentication (#30) ([c687306](https://github.com/zkat/make-fetch-happen/commit/c687306)) + + + + +## [2.4.9](https://github.com/zkat/make-fetch-happen/compare/v2.4.8...v2.4.9) (2017-05-25) + + +### Bug Fixes + +* **cache:** use the passed-in promise for resolving cache stuff ([4c46257](https://github.com/zkat/make-fetch-happen/commit/4c46257)) + + + + +## [2.4.8](https://github.com/zkat/make-fetch-happen/compare/v2.4.7...v2.4.8) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid/Promise through to cache ([a847c92](https://github.com/zkat/make-fetch-happen/commit/a847c92)) + + + + +## [2.4.7](https://github.com/zkat/make-fetch-happen/compare/v2.4.6...v2.4.7) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([fc2a587](https://github.com/zkat/make-fetch-happen/commit/fc2a587)) + + + + +## [2.4.6](https://github.com/zkat/make-fetch-happen/compare/v2.4.5...v2.4.6) (2017-05-24) + + +### Bug Fixes + +* **proxy:** choose agent for http(s)-proxy by protocol of destUrl ([ea4832a](https://github.com/zkat/make-fetch-happen/commit/ea4832a)) +* **proxy:** make socks proxy working ([1de810a](https://github.com/zkat/make-fetch-happen/commit/1de810a)) +* **proxy:** revert previous proxy solution ([563b0d8](https://github.com/zkat/make-fetch-happen/commit/563b0d8)) + + + + +## [2.4.5](https://github.com/zkat/make-fetch-happen/compare/v2.4.4...v2.4.5) (2017-05-24) + + +### Bug Fixes + +* **proxy:** use the destination url when determining agent ([1a714e7](https://github.com/zkat/make-fetch-happen/commit/1a714e7)) + + + + +## [2.4.4](https://github.com/zkat/make-fetch-happen/compare/v2.4.3...v2.4.4) (2017-05-23) + + +### Bug Fixes + +* **redirect:** handle redirects explicitly (#27) ([4c4af54](https://github.com/zkat/make-fetch-happen/commit/4c4af54)) + + + + +## [2.4.3](https://github.com/zkat/make-fetch-happen/compare/v2.4.2...v2.4.3) (2017-05-06) + + +### Bug Fixes + +* **redirect:** redirects now delete authorization if hosts fail to match ([c071805](https://github.com/zkat/make-fetch-happen/commit/c071805)) + + + + +## [2.4.2](https://github.com/zkat/make-fetch-happen/compare/v2.4.1...v2.4.2) (2017-05-04) + + +### Bug Fixes + +* **cache:** reduce race condition window by checking for content ([24544b1](https://github.com/zkat/make-fetch-happen/commit/24544b1)) +* **match:** Rewrite the conditional stream logic (#25) ([66bba4b](https://github.com/zkat/make-fetch-happen/commit/66bba4b)) + + + + +## [2.4.1](https://github.com/zkat/make-fetch-happen/compare/v2.4.0...v2.4.1) (2017-04-28) + + +### Bug Fixes + +* **memoization:** missed spots + allow passthrough of memo objs ([ac0cd12](https://github.com/zkat/make-fetch-happen/commit/ac0cd12)) + + + + +# [2.4.0](https://github.com/zkat/make-fetch-happen/compare/v2.3.0...v2.4.0) (2017-04-28) + + +### Bug Fixes + +* **memoize:** cacache had a broken memoizer ([8a9ed4c](https://github.com/zkat/make-fetch-happen/commit/8a9ed4c)) + + +### Features + +* **memoization:** only slurp stuff into memory if opts.memoize is not false ([0744adc](https://github.com/zkat/make-fetch-happen/commit/0744adc)) + + + + +# [2.3.0](https://github.com/zkat/make-fetch-happen/compare/v2.2.6...v2.3.0) (2017-04-27) + + +### Features + +* **agent:** added opts.strictSSL and opts.localAddress ([c35015a](https://github.com/zkat/make-fetch-happen/commit/c35015a)) +* **proxy:** Added opts.noProxy and NO_PROXY support ([f45c915](https://github.com/zkat/make-fetch-happen/commit/f45c915)) + + + + +## [2.2.6](https://github.com/zkat/make-fetch-happen/compare/v2.2.5...v2.2.6) (2017-04-26) + + +### Bug Fixes + +* **agent:** check uppercase & lowercase proxy env (#24) ([acf2326](https://github.com/zkat/make-fetch-happen/commit/acf2326)), closes [#22](https://github.com/zkat/make-fetch-happen/issues/22) +* **deps:** switch to node-fetch-npm and stop bundling ([3db603b](https://github.com/zkat/make-fetch-happen/commit/3db603b)) + + + + +## [2.2.5](https://github.com/zkat/make-fetch-happen/compare/v2.2.4...v2.2.5) (2017-04-23) + + +### Bug Fixes + +* **deps:** bump cacache and use its size feature ([926c1d3](https://github.com/zkat/make-fetch-happen/commit/926c1d3)) + + + + +## [2.2.4](https://github.com/zkat/make-fetch-happen/compare/v2.2.3...v2.2.4) (2017-04-18) + + +### Bug Fixes + +* **integrity:** hash verification issues fixed ([07f9402](https://github.com/zkat/make-fetch-happen/commit/07f9402)) + + + + +## [2.2.3](https://github.com/zkat/make-fetch-happen/compare/v2.2.2...v2.2.3) (2017-04-18) + + +### Bug Fixes + +* **staleness:** responses older than 8h were never stale :< ([b54dd75](https://github.com/zkat/make-fetch-happen/commit/b54dd75)) +* **warning:** remove spurious warning, make format more spec-compliant ([2e4f6bb](https://github.com/zkat/make-fetch-happen/commit/2e4f6bb)) + + + + +## [2.2.2](https://github.com/zkat/make-fetch-happen/compare/v2.2.1...v2.2.2) (2017-04-12) + + +### Bug Fixes + +* **retry:** stop retrying 404s ([6fafd53](https://github.com/zkat/make-fetch-happen/commit/6fafd53)) + + + + +## [2.2.1](https://github.com/zkat/make-fetch-happen/compare/v2.2.0...v2.2.1) (2017-04-10) + + +### Bug Fixes + +* **deps:** move test-only deps to devDeps ([2daaf80](https://github.com/zkat/make-fetch-happen/commit/2daaf80)) + + + + +# [2.2.0](https://github.com/zkat/make-fetch-happen/compare/v2.1.0...v2.2.0) (2017-04-09) + + +### Bug Fixes + +* **cache:** treat caches as private ([57b7dc2](https://github.com/zkat/make-fetch-happen/commit/57b7dc2)) + + +### Features + +* **retry:** accept shorthand retry settings ([dfed69d](https://github.com/zkat/make-fetch-happen/commit/dfed69d)) + + + + +# [2.1.0](https://github.com/zkat/make-fetch-happen/compare/v2.0.4...v2.1.0) (2017-04-09) + + +### Features + +* **cache:** cache now obeys Age and a variety of other things (#13) ([7b9652d](https://github.com/zkat/make-fetch-happen/commit/7b9652d)) + + + + +## [2.0.4](https://github.com/zkat/make-fetch-happen/compare/v2.0.3...v2.0.4) (2017-04-09) + + +### Bug Fixes + +* **agent:** accept Request as fetch input, not just strings ([b71669a](https://github.com/zkat/make-fetch-happen/commit/b71669a)) + + + + +## [2.0.3](https://github.com/zkat/make-fetch-happen/compare/v2.0.2...v2.0.3) (2017-04-09) + + +### Bug Fixes + +* **deps:** seriously ([c29e7e7](https://github.com/zkat/make-fetch-happen/commit/c29e7e7)) + + + + +## [2.0.2](https://github.com/zkat/make-fetch-happen/compare/v2.0.1...v2.0.2) (2017-04-09) + + +### Bug Fixes + +* **deps:** use bundleDeps instead ([c36ebf0](https://github.com/zkat/make-fetch-happen/commit/c36ebf0)) + + + + +## [2.0.1](https://github.com/zkat/make-fetch-happen/compare/v2.0.0...v2.0.1) (2017-04-09) + + +### Bug Fixes + +* **deps:** make sure node-fetch tarball included in release ([3bf49d1](https://github.com/zkat/make-fetch-happen/commit/3bf49d1)) + + + + +# [2.0.0](https://github.com/zkat/make-fetch-happen/compare/v1.7.0...v2.0.0) (2017-04-09) + + +### Bug Fixes + +* **deps:** manually pull in newer node-fetch to avoid babel prod dep ([66e5e87](https://github.com/zkat/make-fetch-happen/commit/66e5e87)) +* **retry:** be more specific about when we retry ([a47b782](https://github.com/zkat/make-fetch-happen/commit/a47b782)) + + +### Features + +* **agent:** add ca/cert/key support to auto-agent (#15) ([57585a7](https://github.com/zkat/make-fetch-happen/commit/57585a7)) + + +### BREAKING CHANGES + +* **agent:** pac proxies are no longer supported. +* **retry:** Retry logic has changes. + +* 404s, 420s, and 429s all retry now. +* ENOTFOUND no longer retries. +* Only ECONNRESET, ECONNREFUSED, EADDRINUSE, ETIMEDOUT, and `request-timeout` errors are retried. + + + + +# [1.7.0](https://github.com/zkat/make-fetch-happen/compare/v1.6.0...v1.7.0) (2017-04-08) + + +### Features + +* **cache:** add useful headers to inform users about cached data ([9bd7b00](https://github.com/zkat/make-fetch-happen/commit/9bd7b00)) + + + + +# [1.6.0](https://github.com/zkat/make-fetch-happen/compare/v1.5.1...v1.6.0) (2017-04-06) + + +### Features + +* **agent:** better, keepalive-supporting, default http agents ([16277f6](https://github.com/zkat/make-fetch-happen/commit/16277f6)) + + + + +## [1.5.1](https://github.com/zkat/make-fetch-happen/compare/v1.5.0...v1.5.1) (2017-04-05) + + +### Bug Fixes + +* **cache:** bump cacache for its fixed error messages ([2f2b916](https://github.com/zkat/make-fetch-happen/commit/2f2b916)) +* **cache:** fix handling of errors in cache reads ([5729222](https://github.com/zkat/make-fetch-happen/commit/5729222)) + + + + +# [1.5.0](https://github.com/zkat/make-fetch-happen/compare/v1.4.0...v1.5.0) (2017-04-04) + + +### Features + +* **retry:** retry requests on 408 timeouts, too ([8d8b5bd](https://github.com/zkat/make-fetch-happen/commit/8d8b5bd)) + + + + +# [1.4.0](https://github.com/zkat/make-fetch-happen/compare/v1.3.1...v1.4.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** stop relying on BB.catch ([2b04494](https://github.com/zkat/make-fetch-happen/commit/2b04494)) + + +### Features + +* **retry:** report retry attempt number as extra header ([fd50927](https://github.com/zkat/make-fetch-happen/commit/fd50927)) + + + + +## [1.3.1](https://github.com/zkat/make-fetch-happen/compare/v1.3.0...v1.3.1) (2017-04-04) + + +### Bug Fixes + +* **cache:** pretend cache entry is missing on ENOENT ([9c2bb26](https://github.com/zkat/make-fetch-happen/commit/9c2bb26)) + + + + +# [1.3.0](https://github.com/zkat/make-fetch-happen/compare/v1.2.1...v1.3.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** if metadata is missing for some odd reason, ignore the entry ([a021a6b](https://github.com/zkat/make-fetch-happen/commit/a021a6b)) + + +### Features + +* **cache:** add special headers when request was loaded straight from cache ([8a7dbd1](https://github.com/zkat/make-fetch-happen/commit/8a7dbd1)) +* **cache:** allow configuring algorithms to be calculated on insertion ([bf4a0f2](https://github.com/zkat/make-fetch-happen/commit/bf4a0f2)) + + + + +## [1.2.1](https://github.com/zkat/make-fetch-happen/compare/v1.2.0...v1.2.1) (2017-04-03) + + +### Bug Fixes + +* **integrity:** update cacache and ssri and change EBADCHECKSUM -> EINTEGRITY ([b6cf6f6](https://github.com/zkat/make-fetch-happen/commit/b6cf6f6)) + + + + +# [1.2.0](https://github.com/zkat/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) + + +### Features + +* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/zkat/make-fetch-happen/commit/a590159)) + + + + +# [1.1.0](https://github.com/zkat/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) + + +### Features + +* **opts:** fetch.defaults() for default options ([522a65e](https://github.com/zkat/make-fetch-happen/commit/522a65e)) + + + + +## [1.0.1](https://github.com/zkat/make-fetch-happen/compare/v1.0.0...v1.0.1) (2017-04-01) + + + + +# 1.0.0 (2017-04-01) + + +### Bug Fixes + +* **cache:** default on cache-control header ([b872a2c](https://github.com/zkat/make-fetch-happen/commit/b872a2c)) +* standard stuff and cache matching ([753f2c2](https://github.com/zkat/make-fetch-happen/commit/753f2c2)) +* **agent:** nudge around things with opts.agent ([ed62b57](https://github.com/zkat/make-fetch-happen/commit/ed62b57)) +* **agent:** {agent: false} has special behavior ([b8cc923](https://github.com/zkat/make-fetch-happen/commit/b8cc923)) +* **cache:** invalidation on non-GET ([fe78fac](https://github.com/zkat/make-fetch-happen/commit/fe78fac)) +* **cache:** make force-cache and only-if-cached work as expected ([f50e9df](https://github.com/zkat/make-fetch-happen/commit/f50e9df)) +* **cache:** more spec compliance ([d5a56db](https://github.com/zkat/make-fetch-happen/commit/d5a56db)) +* **cache:** only cache 200 gets ([0abb25a](https://github.com/zkat/make-fetch-happen/commit/0abb25a)) +* **cache:** only load cache code if cache opt is a string ([250fcd5](https://github.com/zkat/make-fetch-happen/commit/250fcd5)) +* **cache:** oops ([e3fa15a](https://github.com/zkat/make-fetch-happen/commit/e3fa15a)) +* **cache:** refactored warning removal into main file ([5b0a9f9](https://github.com/zkat/make-fetch-happen/commit/5b0a9f9)) +* **cache:** req constructor no longer needed in Cache ([5b74cbc](https://github.com/zkat/make-fetch-happen/commit/5b74cbc)) +* **cache:** standard fetch api calls cacheMode "cache" ([6fba805](https://github.com/zkat/make-fetch-happen/commit/6fba805)) +* **cache:** was using wrong method for non-GET/HEAD cache invalidation ([810763a](https://github.com/zkat/make-fetch-happen/commit/810763a)) +* **caching:** a bunch of cache-related fixes ([8ebda1d](https://github.com/zkat/make-fetch-happen/commit/8ebda1d)) +* **deps:** `cacache[@6](https://github.com/6).3.0` - race condition fixes ([9528442](https://github.com/zkat/make-fetch-happen/commit/9528442)) +* **freshness:** fix regex for cacheControl matching ([070db86](https://github.com/zkat/make-fetch-happen/commit/070db86)) +* **freshness:** fixed default freshness heuristic value ([5d29e88](https://github.com/zkat/make-fetch-happen/commit/5d29e88)) +* **logging:** remove console.log calls ([a1d0a47](https://github.com/zkat/make-fetch-happen/commit/a1d0a47)) +* **method:** node-fetch guarantees uppercase ([a1d68d6](https://github.com/zkat/make-fetch-happen/commit/a1d68d6)) +* **opts:** simplified opts handling ([516fd6e](https://github.com/zkat/make-fetch-happen/commit/516fd6e)) +* **proxy:** pass proxy option directly to ProxyAgent ([3398460](https://github.com/zkat/make-fetch-happen/commit/3398460)) +* **retry:** false -> {retries: 0} ([297fbb6](https://github.com/zkat/make-fetch-happen/commit/297fbb6)) +* **retry:** only retry put if body is not a stream ([a24e599](https://github.com/zkat/make-fetch-happen/commit/a24e599)) +* **retry:** skip retries if body is a stream for ANY method ([780c0f8](https://github.com/zkat/make-fetch-happen/commit/780c0f8)) + + +### Features + +* **api:** initial implementation -- can make and cache requests ([7d55b49](https://github.com/zkat/make-fetch-happen/commit/7d55b49)) +* **fetch:** injectable cache, and retry support ([87b84bf](https://github.com/zkat/make-fetch-happen/commit/87b84bf)) + + +### BREAKING CHANGES + +* **cache:** opts.cache -> opts.cacheManager; opts.cacheMode -> opts.cache +* **fetch:** opts.cache accepts a Cache-like obj or a path. Requests are now retried. +* **api:** actual api implemented diff --git a/node_modules/libnpmsearch/node_modules/make-fetch-happen/LICENSE b/node_modules/libnpmsearch/node_modules/make-fetch-happen/LICENSE new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/make-fetch-happen/LICENSE @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmsearch/node_modules/make-fetch-happen/README.md b/node_modules/libnpmsearch/node_modules/make-fetch-happen/README.md new file mode 100644 index 0000000000000..4d12d8dae7e31 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/make-fetch-happen/README.md @@ -0,0 +1,404 @@ +# make-fetch-happen [![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/zkat/make-fetch-happen.svg)](https://travis-ci.org/zkat/make-fetch-happen) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/make-fetch-happen?svg=true)](https://ci.appveyor.com/project/zkat/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/zkat/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/zkat/make-fetch-happen?branch=latest) + + +[`make-fetch-happen`](https://github.com/zkat/make-fetch-happen) is a Node.js +library that wraps [`node-fetch-npm`](https://github.com/npm/node-fetch-npm) with additional +features [`node-fetch`](https://github.com/bitinn/node-fetch) doesn't intend to include, including HTTP Cache support, request +pooling, proxies, retries, [and more](#features)! + +## Install + +`$ npm install --save make-fetch-happen` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.defaults`](#fetch-defaults) + * [`node-fetch` options](#node-fetch-options) + * [`make-fetch-happen` options](#extra-options) + * [`opts.cacheManager`](#opts-cache-manager) + * [`opts.cache`](#opts-cache) + * [`opts.proxy`](#opts-proxy) + * [`opts.noProxy`](#opts-no-proxy) + * [`opts.ca, opts.cert, opts.key`](#https-opts) + * [`opts.maxSockets`](#opts-max-sockets) + * [`opts.retry`](#opts-retry) + * [`opts.onRetry`](#opts-onretry) + * [`opts.integrity`](#opts-integrity) +* [Message From Our Sponsors](#wow) + +### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' // path where cache will be written (and read) +}) + +fetch('https://registry.npmjs.org/make-fetch-happen').then(res => { + return res.json() // download the body as JSON +}).then(body => { + console.log(`got ${body.name} from web`) + return fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'no-cache' // forces a conditional request + }) +}).then(res => { + console.log(res.status) // 304! cache validated! + return res.json().then(body => { + console.log(`got ${body.name} from cache`) + }) +}) +``` + +### Features + +* Builds around [`node-fetch`](https://npm.im/node-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation +* Request pooling out of the box +* Quite fast, really +* Automatic HTTP-semantics-aware request retries +* Cache-fallback automatic "offline mode" +* Proxy support (http, https, socks, socks4, socks5) +* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc). +* Customize cache storage with any [Cache API](https://developer.mozilla.org/en-US/docs/Web/API/Cache)-compliant `Cache` instance. Cache to Redis! +* Node.js Stream support +* Transparent gzip and deflate support +* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support +* Literally punches nazis +* (PENDING) Range request caching and resuming + +### Contributing + +The make-fetch-happen team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(uriOrRequest, [opts]) -> Promise` + +This function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response. + +If `opts` is provided, the [`node-fetch`-specific options](#node-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more. + +##### Example + +```javascript +fetch('https://google.com').then(res => res.buffer()) +``` + +#### `> fetch.defaults([defaultUrl], [defaultOpts])` + +Returns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls. + +A defaulted `fetch` will also have a `.defaults()` method, so they can be chained. + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-local-cache' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache +``` + +#### `> node-fetch options` + +The following options for `node-fetch` are used as-is: + +* method +* body +* redirect +* follow +* timeout +* compress +* size + +These other options are modified or augmented by make-fetch-happen: + +* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`. +* agent + * If agent is null, an http or https Agent will be automatically used. By default, these will be `http.globalAgent` and `https.globalAgent`. + * If [`opts.proxy`](#opts-proxy) is provided and `opts.agent` is null, the agent will be set to an appropriate proxy-handling agent. + * If `opts.agent` is an object, it will be used as the request-pooling agent argument for this request. + * If `opts.agent` is `false`, it will be passed as-is to the underlying request library. This causes a new Agent to be spawned for every request. + +For more details, see [the documentation for `node-fetch` itself](https://github.com/bitinn/node-fetch#options). + +#### `> make-fetch-happen options` + +make-fetch-happen augments the `node-fetch` API with additional features available through extra options. The following extra options are available: + +* [`opts.cacheManager`](#opts-cache-manager) - Cache target to read/write +* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*. +* [`opts.proxy`](#opts-proxy) - Proxy agent +* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for. +* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts) +* [`opts.localAddress`](#opts-local-address) +* [`opts.maxSockets`](#opts-max-sockets) +* [`opts.retry`](#opts-retry) - Request retry settings +* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted +* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. + +#### `> opts.cacheManager` + +Either a `String` or a `Cache`. If the former, it will be assumed to be a `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache). + +If an object is provided, it will be assumed to be a compliant [`Cache` instance](https://developer.mozilla.org/en-US/docs/Web/API/Cache). Only `Cache.match()`, `Cache.put()`, and `Cache.delete()` are required. Options objects will not be passed in to `match()` or `delete()`. + +By implementing this API, you can customize the storage backend for make-fetch-happen itself -- for example, you could implement a cache that uses `redis` for caching, or simply keeps everything in memory. Most of the caching logic exists entirely on the make-fetch-happen side, so the only thing you need to worry about is reading, writing, and deleting, as well as making sure `fetch.Response` objects are what gets returned. + +You can refer to `cache.js` in the make-fetch-happen source code for a reference implementation. + +**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written. + +The default cache manager also adds the following headers to cached responses: + +* `X-Local-Cache`: Path to the cache the content was found in +* `X-Local-Cache-Key`: Unique cache entry key for this response +* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry +* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry + +Using [`cacache`](https://npm.im/cacache), a call like this may be used to +manually fetch the cached entry: + +```javascript +const h = response.headers +cacache.get(h.get('x-local-cache'), h.get('x-local-cache-key')) + +// grab content only, directly: +cacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash')) +``` + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + cacheManager: './my-local-cache' +}) // -> 200-level response will be written to disk + +fetch('https://npm.im/cacache', { + cacheManager: new MyCustomRedisCache(process.env.PORT) +}) // -> 200-level response will be written to redis +``` + +A possible (minimal) implementation for `MyCustomRedisCache`: + +```javascript +const bluebird = require('bluebird') +const redis = require("redis") +bluebird.promisifyAll(redis.RedisClient.prototype) +class MyCustomRedisCache { + constructor (opts) { + this.redis = redis.createClient(opts) + } + match (req) { + return this.redis.getAsync(req.url).then(res => { + if (res) { + const parsed = JSON.parse(res) + return new fetch.Response(parsed.body, { + url: req.url, + headers: parsed.headers, + status: 200 + }) + } + }) + } + put (req, res) { + return res.buffer().then(body => { + return this.redis.setAsync(req.url, JSON.stringify({ + body: body, + headers: res.headers.raw() + })) + }).then(() => { + // return the response itself + return res + }) + } + 'delete' (req) { + return this.redis.unlinkAsync(req.url) + } +} +``` + +#### `> opts.cache` + +This option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cacheManager`](#opts-cache-manager) is null. The following values are accepted (as strings): + +* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned. +* `no-store` - Fetch behaves as if there is no HTTP cache at all. +* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response. +* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response. +* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response. +* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is "same-origin". Any cached redirects will be followed assuming request’s redirect mode is "follow" and the redirects do not violate request’s mode.) + +(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch) + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' +}) + +// Will error with ENOTCACHED if we haven't already cached this url +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'only-if-cached' +}) + +// Will refresh any local content and cache the new response +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'reload' +}) + +// Will use any local data, even if stale. Otherwise, will hit network. +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'force-cache' +}) +``` + +#### `> opts.proxy` + +A string or `url.parse`-d URI to proxy through. Different Proxy handlers will be +used depending on the proxy's protocol. + +Additionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and +`process.env.PROXY` are used if present and no `opts.proxy` value is provided. + +(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: 'https://corporate.yourcompany.proxy:4445' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: { + protocol: 'https:', + hostname: 'corporate.yourcompany.proxy', + port: 4445 + } +}) +``` + +#### `> opts.noProxy` + +If present, should be a comma-separated string or an array of domain extensions +that a proxy should _not_ be used for. + +This option may also be provided through `process.env.NO_PROXY`. + +#### `> opts.ca, opts.cert, opts.key, opts.strictSSL` + +These values are passed in directly to the HTTPS agent and will be used for both +proxied and unproxied outgoing HTTPS requests. They mostly correspond to the +same options the `https` module accepts, which will be themselves passed to +`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`. + +#### `> opts.localAddress` + +Passed directly to `http` and `https` request calls. Determines the local +address to bind to. + +#### `> opts.maxSockets` + +Default: 15 + +Maximum number of active concurrent sockets to use for the underlying +Http/Https/Proxy agents. This setting applies once per spawned agent. + +15 is probably a _pretty good value_ for most use-cases, and balances speed +with, uh, not knocking out people's routers. 🤓 + +#### `> opts.retry` + +An object that can be used to tune request retry settings. Retries will only be attempted on the following conditions: + +* Request method is NOT `POST` AND +* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR +* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`. + +The following are worth noting as explicitly not retried: + +* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately. +* `ECONNRESET` currently has no support for restarting. It will eventually be supported but requires a bit more juggling due to streaming. + +If `opts.retry` is `false`, it is equivalent to `{retries: 0}` + +If `opts.retry` is a number, it is equivalent to `{retries: num}` + +The following retry options are available if you want more control over it: + +* retries +* factor +* minTimeout +* maxTimeout +* randomize + +For details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + retry: { + retries: 10, + randomize: true + } +}) + +fetch('http://reliable.site.com', { + retry: false +}) + +fetch('http://one-more.site.com', { + retry: 3 +}) +``` + +#### `> opts.onRetry` + +A function called whenever a retry is attempted. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + onRetry() { + console.log('we will retry!') + } +}) +``` + +#### `> opts.integrity` + +Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error. + +`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // -> ok + +fetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // Error: EINTEGRITY +``` + +### Message From Our Sponsors + +![](stop.gif) + +![](happening.gif) diff --git a/node_modules/libnpmsearch/node_modules/make-fetch-happen/agent.js b/node_modules/libnpmsearch/node_modules/make-fetch-happen/agent.js new file mode 100644 index 0000000000000..55675946ad97d --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/make-fetch-happen/agent.js @@ -0,0 +1,171 @@ +'use strict' +const LRU = require('lru-cache') +const url = require('url') + +let AGENT_CACHE = new LRU({ max: 50 }) +let HttpsAgent +let HttpAgent + +module.exports = getAgent + +function getAgent (uri, opts) { + const parsedUri = url.parse(typeof uri === 'string' ? uri : uri.url) + const isHttps = parsedUri.protocol === 'https:' + const pxuri = getProxyUri(uri, opts) + + const key = [ + `https:${isHttps}`, + pxuri + ? `proxy:${pxuri.protocol}//${pxuri.host}:${pxuri.port}` + : '>no-proxy<', + `local-address:${opts.localAddress || '>no-local-address<'}`, + `strict-ssl:${isHttps ? !!opts.strictSSL : '>no-strict-ssl<'}`, + `ca:${(isHttps && opts.ca) || '>no-ca<'}`, + `cert:${(isHttps && opts.cert) || '>no-cert<'}`, + `key:${(isHttps && opts.key) || '>no-key<'}` + ].join(':') + + if (opts.agent != null) { // `agent: false` has special behavior! + return opts.agent + } + + if (AGENT_CACHE.peek(key)) { + return AGENT_CACHE.get(key) + } + + if (pxuri) { + const proxy = getProxy(pxuri, opts, isHttps) + AGENT_CACHE.set(key, proxy) + return proxy + } + + if (isHttps && !HttpsAgent) { + HttpsAgent = require('agentkeepalive').HttpsAgent + } else if (!isHttps && !HttpAgent) { + HttpAgent = require('agentkeepalive') + } + + // If opts.timeout is zero, set the agentTimeout to zero as well. A timeout + // of zero disables the timeout behavior (OS limits still apply). Else, if + // opts.timeout is a non-zero value, set it to timeout + 1, to ensure that + // the node-fetch-npm timeout will always fire first, giving us more + // consistent errors. + const agentTimeout = opts.timeout === 0 ? 0 : opts.timeout + 1 + + const agent = isHttps ? new HttpsAgent({ + maxSockets: opts.maxSockets || 15, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + localAddress: opts.localAddress, + rejectUnauthorized: opts.strictSSL, + timeout: agentTimeout + }) : new HttpAgent({ + maxSockets: opts.maxSockets || 15, + localAddress: opts.localAddress, + timeout: agentTimeout + }) + AGENT_CACHE.set(key, agent) + return agent +} + +function checkNoProxy (uri, opts) { + const host = url.parse(uri).hostname.split('.').reverse() + let noproxy = (opts.noProxy || getProcessEnv('no_proxy')) + if (typeof noproxy === 'string') { + noproxy = noproxy.split(/\s*,\s*/g) + } + return noproxy && noproxy.some(no => { + const noParts = no.split('.').filter(x => x).reverse() + if (!noParts.length) { return false } + for (let i = 0; i < noParts.length; i++) { + if (host[i] !== noParts[i]) { + return false + } + } + return true + }) +} + +module.exports.getProcessEnv = getProcessEnv + +function getProcessEnv (env) { + if (!env) { return } + + let value + + if (Array.isArray(env)) { + for (let e of env) { + value = process.env[e] || + process.env[e.toUpperCase()] || + process.env[e.toLowerCase()] + if (typeof value !== 'undefined') { break } + } + } + + if (typeof env === 'string') { + value = process.env[env] || + process.env[env.toUpperCase()] || + process.env[env.toLowerCase()] + } + + return value +} + +function getProxyUri (uri, opts) { + const protocol = url.parse(uri).protocol + + const proxy = opts.proxy || ( + protocol === 'https:' && getProcessEnv('https_proxy') + ) || ( + protocol === 'http:' && getProcessEnv(['https_proxy', 'http_proxy', 'proxy']) + ) + if (!proxy) { return null } + + const parsedProxy = (typeof proxy === 'string') ? url.parse(proxy) : proxy + + return !checkNoProxy(uri, opts) && parsedProxy +} + +let HttpProxyAgent +let HttpsProxyAgent +let SocksProxyAgent +function getProxy (proxyUrl, opts, isHttps) { + let popts = { + host: proxyUrl.hostname, + port: proxyUrl.port, + protocol: proxyUrl.protocol, + path: proxyUrl.path, + auth: proxyUrl.auth, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + timeout: opts.timeout === 0 ? 0 : opts.timeout + 1, + localAddress: opts.localAddress, + maxSockets: opts.maxSockets || 15, + rejectUnauthorized: opts.strictSSL + } + + if (proxyUrl.protocol === 'http:' || proxyUrl.protocol === 'https:') { + if (!isHttps) { + if (!HttpProxyAgent) { + HttpProxyAgent = require('http-proxy-agent') + } + + return new HttpProxyAgent(popts) + } else { + if (!HttpsProxyAgent) { + HttpsProxyAgent = require('https-proxy-agent') + } + + return new HttpsProxyAgent(popts) + } + } + if (proxyUrl.protocol.startsWith('socks')) { + if (!SocksProxyAgent) { + SocksProxyAgent = require('socks-proxy-agent') + } + + return new SocksProxyAgent(popts) + } +} diff --git a/node_modules/libnpmsearch/node_modules/make-fetch-happen/cache.js b/node_modules/libnpmsearch/node_modules/make-fetch-happen/cache.js new file mode 100644 index 0000000000000..0c519e69fbe81 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/make-fetch-happen/cache.js @@ -0,0 +1,249 @@ +'use strict' + +const cacache = require('cacache') +const fetch = require('node-fetch-npm') +const pipe = require('mississippi').pipe +const ssri = require('ssri') +const through = require('mississippi').through +const to = require('mississippi').to +const url = require('url') +const stream = require('stream') + +const MAX_MEM_SIZE = 5 * 1024 * 1024 // 5MB + +function cacheKey (req) { + const parsed = url.parse(req.url) + return `make-fetch-happen:request-cache:${ + url.format({ + protocol: parsed.protocol, + slashes: parsed.slashes, + host: parsed.host, + hostname: parsed.hostname, + pathname: parsed.pathname + }) + }` +} + +// This is a cacache-based implementation of the Cache standard, +// using node-fetch. +// docs: https://developer.mozilla.org/en-US/docs/Web/API/Cache +// +module.exports = class Cache { + constructor (path, opts) { + this._path = path + this._uid = opts && opts.uid + this._gid = opts && opts.gid + this.Promise = (opts && opts.Promise) || Promise + } + + // Returns a Promise that resolves to the response associated with the first + // matching request in the Cache object. + match (req, opts) { + opts = opts || {} + const key = cacheKey(req) + return cacache.get.info(this._path, key).then(info => { + return info && cacache.get.hasContent( + this._path, info.integrity, opts + ).then(exists => exists && info) + }).then(info => { + if (info && info.metadata && matchDetails(req, { + url: info.metadata.url, + reqHeaders: new fetch.Headers(info.metadata.reqHeaders), + resHeaders: new fetch.Headers(info.metadata.resHeaders), + cacheIntegrity: info.integrity, + integrity: opts && opts.integrity + })) { + const resHeaders = new fetch.Headers(info.metadata.resHeaders) + addCacheHeaders(resHeaders, this._path, key, info.integrity, info.time) + if (req.method === 'HEAD') { + return new fetch.Response(null, { + url: req.url, + headers: resHeaders, + status: 200 + }) + } + let body + const cachePath = this._path + // avoid opening cache file handles until a user actually tries to + // read from it. + if (opts.memoize !== false && info.size > MAX_MEM_SIZE) { + body = new stream.PassThrough() + const realRead = body._read + body._read = function (size) { + body._read = realRead + pipe( + cacache.get.stream.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }), + body, + err => body.emit(err)) + return realRead.call(this, size) + } + } else { + let readOnce = false + // cacache is much faster at bulk reads + body = new stream.Readable({ + read () { + if (readOnce) return this.push(null) + readOnce = true + cacache.get.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }).then(data => { + this.push(data) + this.push(null) + }, err => this.emit('error', err)) + } + }) + } + return this.Promise.resolve(new fetch.Response(body, { + url: req.url, + headers: resHeaders, + status: 200, + size: info.size + })) + } + }) + } + + // Takes both a request and its response and adds it to the given cache. + put (req, response, opts) { + opts = opts || {} + const size = response.headers.get('content-length') + const fitInMemory = !!size && opts.memoize !== false && size < MAX_MEM_SIZE + const ckey = cacheKey(req) + const cacheOpts = { + algorithms: opts.algorithms, + metadata: { + url: req.url, + reqHeaders: req.headers.raw(), + resHeaders: response.headers.raw() + }, + uid: this._uid, + gid: this._gid, + size, + memoize: fitInMemory && opts.memoize + } + if (req.method === 'HEAD' || response.status === 304) { + // Update metadata without writing + return cacache.get.info(this._path, ckey).then(info => { + // Providing these will bypass content write + cacheOpts.integrity = info.integrity + addCacheHeaders( + response.headers, this._path, ckey, info.integrity, info.time + ) + return new this.Promise((resolve, reject) => { + pipe( + cacache.get.stream.byDigest(this._path, info.integrity, cacheOpts), + cacache.put.stream(this._path, cacheKey(req), cacheOpts), + err => err ? reject(err) : resolve(response) + ) + }) + }).then(() => response) + } + let buf = [] + let bufSize = 0 + let cacheTargetStream = false + const cachePath = this._path + let cacheStream = to((chunk, enc, cb) => { + if (!cacheTargetStream) { + if (fitInMemory) { + cacheTargetStream = + to({highWaterMark: MAX_MEM_SIZE}, (chunk, enc, cb) => { + buf.push(chunk) + bufSize += chunk.length + cb() + }, done => { + cacache.put( + cachePath, + cacheKey(req), + Buffer.concat(buf, bufSize), + cacheOpts + ).then( + () => done(), + done + ) + }) + } else { + cacheTargetStream = + cacache.put.stream(cachePath, cacheKey(req), cacheOpts) + } + } + cacheTargetStream.write(chunk, enc, cb) + }, done => { + cacheTargetStream ? cacheTargetStream.end(done) : done() + }) + const oldBody = response.body + const newBody = through({highWaterMark: fitInMemory && MAX_MEM_SIZE}) + response.body = newBody + oldBody.once('error', err => newBody.emit('error', err)) + newBody.once('error', err => oldBody.emit('error', err)) + cacheStream.once('error', err => newBody.emit('error', err)) + pipe(oldBody, to((chunk, enc, cb) => { + cacheStream.write(chunk, enc, () => { + newBody.write(chunk, enc, cb) + }) + }, done => { + cacheStream.end(() => { + newBody.end(() => { + done() + }) + }) + }), err => err && newBody.emit('error', err)) + return response + } + + // Finds the Cache entry whose key is the request, and if found, deletes the + // Cache entry and returns a Promise that resolves to true. If no Cache entry + // is found, it returns false. + 'delete' (req, opts) { + opts = opts || {} + if (typeof opts.memoize === 'object') { + if (opts.memoize.reset) { + opts.memoize.reset() + } else if (opts.memoize.clear) { + opts.memoize.clear() + } else { + Object.keys(opts.memoize).forEach(k => { + opts.memoize[k] = null + }) + } + } + return cacache.rm.entry( + this._path, + cacheKey(req) + // TODO - true/false + ).then(() => false) + } +} + +function matchDetails (req, cached) { + const reqUrl = url.parse(req.url) + const cacheUrl = url.parse(cached.url) + const vary = cached.resHeaders.get('Vary') + // https://tools.ietf.org/html/rfc7234#section-4.1 + if (vary) { + if (vary.match(/\*/)) { + return false + } else { + const fieldsMatch = vary.split(/\s*,\s*/).every(field => { + return cached.reqHeaders.get(field) === req.headers.get(field) + }) + if (!fieldsMatch) { + return false + } + } + } + if (cached.integrity) { + return ssri.parse(cached.integrity).match(cached.cacheIntegrity) + } + reqUrl.hash = null + cacheUrl.hash = null + return url.format(reqUrl) === url.format(cacheUrl) +} + +function addCacheHeaders (resHeaders, path, key, hash, time) { + resHeaders.set('X-Local-Cache', encodeURIComponent(path)) + resHeaders.set('X-Local-Cache-Key', encodeURIComponent(key)) + resHeaders.set('X-Local-Cache-Hash', encodeURIComponent(hash)) + resHeaders.set('X-Local-Cache-Time', new Date(time).toUTCString()) +} diff --git a/node_modules/libnpmsearch/node_modules/make-fetch-happen/index.js b/node_modules/libnpmsearch/node_modules/make-fetch-happen/index.js new file mode 100644 index 0000000000000..0f2c164e19f28 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/make-fetch-happen/index.js @@ -0,0 +1,482 @@ +'use strict' + +let Cache +const url = require('url') +const CachePolicy = require('http-cache-semantics') +const fetch = require('node-fetch-npm') +const pkg = require('./package.json') +const retry = require('promise-retry') +let ssri +const Stream = require('stream') +const getAgent = require('./agent') +const setWarning = require('./warning') + +const isURL = /^https?:/ +const USER_AGENT = `${pkg.name}/${pkg.version} (+https://npm.im/${pkg.name})` + +const RETRY_ERRORS = [ + 'ECONNRESET', // remote socket closed on us + 'ECONNREFUSED', // remote host refused to open connection + 'EADDRINUSE', // failed to bind to a local port (proxy?) + 'ETIMEDOUT' // someone in the transaction is WAY TOO SLOW + // Known codes we do NOT retry on: + // ENOTFOUND (getaddrinfo failure. Either bad hostname, or offline) +] + +const RETRY_TYPES = [ + 'request-timeout' +] + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +module.exports = cachingFetch +cachingFetch.defaults = function (_uri, _opts) { + const fetch = this + if (typeof _uri === 'object') { + _opts = _uri + _uri = null + } + + function defaultedFetch (uri, opts) { + const finalOpts = Object.assign({}, _opts || {}, opts || {}) + return fetch(uri || _uri, finalOpts) + } + + defaultedFetch.defaults = fetch.defaults + defaultedFetch.delete = fetch.delete + return defaultedFetch +} + +cachingFetch.delete = cacheDelete +function cacheDelete (uri, opts) { + opts = configureOptions(opts) + if (opts.cacheManager) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + return opts.cacheManager.delete(req, opts) + } +} + +function initializeCache (opts) { + if (typeof opts.cacheManager === 'string') { + if (!Cache) { + // Default cacache-based cache + Cache = require('./cache') + } + + opts.cacheManager = new Cache(opts.cacheManager, opts) + } + + opts.cache = opts.cache || 'default' + + if (opts.cache === 'default' && isHeaderConditional(opts.headers)) { + // If header list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, fetch will set cache + // mode to "no-store" if it is "default". + opts.cache = 'no-store' + } +} + +function configureOptions (_opts) { + const opts = Object.assign({}, _opts || {}) + opts.method = (opts.method || 'GET').toUpperCase() + + if (opts.retry && typeof opts.retry === 'number') { + opts.retry = { retries: opts.retry } + } + + if (opts.retry === false) { + opts.retry = { retries: 0 } + } + + if (opts.cacheManager) { + initializeCache(opts) + } + + return opts +} + +function initializeSsri () { + if (!ssri) { + ssri = require('ssri') + } +} + +function cachingFetch (uri, _opts) { + const opts = configureOptions(_opts) + + if (opts.integrity) { + initializeSsri() + // if verifying integrity, node-fetch must not decompress + opts.compress = false + } + + const isCachable = (opts.method === 'GET' || opts.method === 'HEAD') && + opts.cacheManager && + opts.cache !== 'no-store' && + opts.cache !== 'reload' + + if (isCachable) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + + return opts.cacheManager.match(req, opts).then(res => { + if (res) { + const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) + if (warningCode && +warningCode >= 100 && +warningCode < 200) { + // https://tools.ietf.org/html/rfc7234#section-4.3.4 + // + // If a stored response is selected for update, the cache MUST: + // + // * delete any Warning header fields in the stored response with + // warn-code 1xx (see Section 5.5); + // + // * retain any Warning header fields in the stored response with + // warn-code 2xx; + // + res.headers.delete('Warning') + } + + if (opts.cache === 'default' && !isStale(req, res)) { + return res + } + + if (opts.cache === 'default' || opts.cache === 'no-cache') { + return conditionalFetch(req, res, opts) + } + + if (opts.cache === 'force-cache' || opts.cache === 'only-if-cached') { + // 112 Disconnected operation + // SHOULD be included if the cache is intentionally disconnected from + // the rest of the network for a period of time. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(res, 112, 'Disconnected operation') + return res + } + } + + if (!res && opts.cache === 'only-if-cached') { + const errorMsg = `request to ${ + uri + } failed: cache mode is 'only-if-cached' but no cached response available.` + + const err = new Error(errorMsg) + err.code = 'ENOTCACHED' + throw err + } + + // Missing cache entry, or mode is default (if stale), reload, no-store + return remoteFetch(req.url, opts) + }) + } + + return remoteFetch(uri, opts) +} + +function iterableToObject (iter) { + const obj = {} + for (let k of iter.keys()) { + obj[k] = iter.get(k) + } + return obj +} + +function makePolicy (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + const _res = { + status: res.status, + headers: iterableToObject(res.headers) + } + + return new CachePolicy(_req, _res, { shared: false }) +} + +// https://tools.ietf.org/html/rfc7234#section-4.2 +function isStale (req, res) { + if (!res) { + return null + } + + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + + const policy = makePolicy(req, res) + + const responseTime = res.headers.get('x-local-cache-time') || + res.headers.get('date') || + 0 + + policy._responseTime = new Date(responseTime) + + const bool = !policy.satisfiesWithoutRevalidation(_req) + return bool +} + +function mustRevalidate (res) { + return (res.headers.get('cache-control') || '').match(/must-revalidate/i) +} + +function conditionalFetch (req, cachedRes, opts) { + const _req = { + url: req.url, + method: req.method, + headers: Object.assign({}, opts.headers || {}) + } + + const policy = makePolicy(req, cachedRes) + opts.headers = policy.revalidationHeaders(_req) + + return remoteFetch(req.url, opts) + .then(condRes => { + const revalidatedPolicy = policy.revalidatedPolicy(_req, { + status: condRes.status, + headers: iterableToObject(condRes.headers) + }) + + if (condRes.status >= 500 && !mustRevalidate(cachedRes)) { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + return cachedRes + } + + if (condRes.status === 304) { // 304 Not Modified + condRes.body = cachedRes.body + return opts.cacheManager.put(req, condRes, opts) + .then(newRes => { + newRes.headers = new fetch.Headers(revalidatedPolicy.policy.responseHeaders()) + return newRes + }) + } + + return condRes + }) + .then(res => res) + .catch(err => { + if (mustRevalidate(cachedRes)) { + throw err + } else { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + // 199 Miscellaneous warning + // The warning text MAY include arbitrary information to be presented to + // a human user, or logged. A system receiving this warning MUST NOT take + // any automated action, besides presenting the warning to the user. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning( + cachedRes, + 199, + `Miscellaneous Warning ${err.code}: ${err.message}` + ) + + return cachedRes + } + }) +} + +function remoteFetchHandleIntegrity (res, integrity) { + const oldBod = res.body + const newBod = ssri.integrityStream({ + integrity + }) + oldBod.pipe(newBod) + res.body = newBod + oldBod.once('error', err => { + newBod.emit('error', err) + }) + newBod.once('error', err => { + oldBod.emit('error', err) + }) +} + +function remoteFetch (uri, opts) { + const agent = getAgent(uri, opts) + const headers = Object.assign({ + 'connection': agent ? 'keep-alive' : 'close', + 'user-agent': USER_AGENT + }, opts.headers || {}) + + const reqOpts = { + agent, + body: opts.body, + compress: opts.compress, + follow: opts.follow, + headers: new fetch.Headers(headers), + method: opts.method, + redirect: 'manual', + size: opts.size, + counter: opts.counter, + timeout: opts.timeout + } + + return retry( + (retryHandler, attemptNum) => { + const req = new fetch.Request(uri, reqOpts) + return fetch(req) + .then(res => { + res.headers.set('x-fetch-attempts', attemptNum) + + if (opts.integrity) { + remoteFetchHandleIntegrity(res, opts.integrity) + } + + const isStream = req.body instanceof Stream + + if (opts.cacheManager) { + const isMethodGetHead = req.method === 'GET' || + req.method === 'HEAD' + + const isCachable = opts.cache !== 'no-store' && + isMethodGetHead && + makePolicy(req, res).storable() && + res.status === 200 // No other statuses should be stored! + + if (isCachable) { + return opts.cacheManager.put(req, res, opts) + } + + if (!isMethodGetHead) { + return opts.cacheManager.delete(req).then(() => { + if (res.status >= 500 && req.method !== 'POST' && !isStream) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + return res + }) + } + } + + const isRetriable = req.method !== 'POST' && + !isStream && ( + res.status === 408 || // Request Timeout + res.status === 420 || // Enhance Your Calm (usually Twitter rate-limit) + res.status === 429 || // Too Many Requests ("standard" rate-limiting) + res.status >= 500 // Assume server errors are momentary hiccups + ) + + if (isRetriable) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + if (!fetch.isRedirect(res.status) || opts.redirect === 'manual') { + return res + } + + // handle redirects - matches behavior of npm-fetch: https://github.com/bitinn/node-fetch + if (opts.redirect === 'error') { + const err = new Error(`redirect mode is set to error: ${uri}`) + err.code = 'ENOREDIRECT' + throw err + } + + if (!res.headers.get('location')) { + const err = new Error(`redirect location header missing at: ${uri}`) + err.code = 'EINVALIDREDIRECT' + throw err + } + + if (req.counter >= req.follow) { + const err = new Error(`maximum redirect reached at: ${uri}`) + err.code = 'EMAXREDIRECT' + throw err + } + + const resolvedUrl = url.resolve(req.url, res.headers.get('location')) + let redirectURL = url.parse(resolvedUrl) + + if (isURL.test(res.headers.get('location'))) { + redirectURL = url.parse(res.headers.get('location')) + } + + // Remove authorization if changing hostnames (but not if just + // changing ports or protocols). This matches the behavior of request: + // https://github.com/request/request/blob/b12a6245/lib/redirect.js#L134-L138 + if (url.parse(req.url).hostname !== redirectURL.hostname) { + req.headers.delete('authorization') + } + + // for POST request with 301/302 response, or any request with 303 response, + // use GET when following redirect + if (res.status === 303 || + ((res.status === 301 || res.status === 302) && req.method === 'POST')) { + opts.method = 'GET' + opts.body = null + req.headers.delete('content-length') + } + + opts.headers = {} + req.headers.forEach((value, name) => { + opts.headers[name] = value + }) + + opts.counter = ++req.counter + return cachingFetch(resolvedUrl, opts) + }) + .catch(err => { + const code = err.code === 'EPROMISERETRY' ? err.retried.code : err.code + + const isRetryError = RETRY_ERRORS.indexOf(code) === -1 && + RETRY_TYPES.indexOf(err.type) === -1 + + if (req.method === 'POST' || isRetryError) { + throw err + } + + if (typeof opts.onRetry === 'function') { + opts.onRetry(err) + } + + return retryHandler(err) + }) + }, + opts.retry + ).catch(err => { + if (err.status >= 400) { + return err + } + + throw err + }) +} + +function isHeaderConditional (headers) { + if (!headers || typeof headers !== 'object') { + return false + } + + const modifiers = [ + 'if-modified-since', + 'if-none-match', + 'if-unmodified-since', + 'if-match', + 'if-range' + ] + + return Object.keys(headers) + .some(h => modifiers.indexOf(h.toLowerCase()) !== -1) +} diff --git a/node_modules/libnpmsearch/node_modules/make-fetch-happen/package.json b/node_modules/libnpmsearch/node_modules/make-fetch-happen/package.json new file mode 100644 index 0000000000000..9290fe8c04cea --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/make-fetch-happen/package.json @@ -0,0 +1,94 @@ +{ + "_from": "make-fetch-happen@^4.0.2", + "_id": "make-fetch-happen@4.0.2", + "_inBundle": false, + "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "_location": "/libnpmsearch/make-fetch-happen", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "make-fetch-happen@^4.0.2", + "name": "make-fetch-happen", + "escapedName": "make-fetch-happen", + "rawSpec": "^4.0.2", + "saveSpec": null, + "fetchSpec": "^4.0.2" + }, + "_requiredBy": [ + "/libnpmsearch/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", + "_spec": "make-fetch-happen@^4.0.2", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmsearch/node_modules/npm-registry-fetch", + "author": { + "name": "Kat Marchán", + "email": "kzm@zkat.tech" + }, + "bugs": { + "url": "https://github.com/zkat/make-fetch-happen/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + }, + "deprecated": false, + "description": "Opinionated, caching, retrying fetch client", + "devDependencies": { + "bluebird": "^3.5.1", + "mkdirp": "^0.5.1", + "nock": "^9.2.3", + "npmlog": "^4.1.2", + "require-inject": "^1.4.2", + "rimraf": "^2.6.2", + "safe-buffer": "^5.1.1", + "standard": "^11.0.1", + "standard-version": "^4.3.0", + "tacks": "^1.2.6", + "tap": "^12.7.0", + "weallbehave": "^1.0.0", + "weallcontribute": "^1.0.7" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/zkat/make-fetch-happen#readme", + "keywords": [ + "http", + "request", + "fetch", + "mean girls", + "caching", + "cache", + "subresource integrity" + ], + "license": "ISC", + "main": "index.js", + "name": "make-fetch-happen", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/make-fetch-happen.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap --coverage --nyc-arg=--all --timeout=35 -J test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmsearch/node_modules/make-fetch-happen/warning.js b/node_modules/libnpmsearch/node_modules/make-fetch-happen/warning.js new file mode 100644 index 0000000000000..b8f13cf83195a --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/make-fetch-happen/warning.js @@ -0,0 +1,24 @@ +const url = require('url') + +module.exports = setWarning + +function setWarning (reqOrRes, code, message, replace) { + // Warning = "Warning" ":" 1#warning-value + // warning-value = warn-code SP warn-agent SP warn-text [SP warn-date] + // warn-code = 3DIGIT + // warn-agent = ( host [ ":" port ] ) | pseudonym + // ; the name or pseudonym of the server adding + // ; the Warning header, for use in debugging + // warn-text = quoted-string + // warn-date = <"> HTTP-date <"> + // (https://tools.ietf.org/html/rfc2616#section-14.46) + const host = url.parse(reqOrRes.url).host + const jsonMessage = JSON.stringify(message) + const jsonDate = JSON.stringify(new Date().toUTCString()) + const header = replace ? 'set' : 'append' + + reqOrRes.headers[header]( + 'Warning', + `${code} ${host} ${jsonMessage} ${jsonDate}` + ) +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..d24e026914c23 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,214 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..7fe5dacc94362 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,98 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gid': {}, + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'uid': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..4ba3c19243471 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,193 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout, + uid: opts.uid, + gid: opts.gid + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..ca0f456d9a9f0 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^3.8.0", + "_id": "npm-registry-fetch@3.9.1", + "_inBundle": false, + "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_location": "/libnpmsearch/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^3.8.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^3.8.0", + "saveSpec": null, + "fetchSpec": "^3.8.0" + }, + "_requiredBy": [ + "/libnpmsearch" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", + "_spec": "npm-registry-fetch@^3.8.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmsearch", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^11.3.3", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.9.1" +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmteam/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/libnpmteam/node_modules/make-fetch-happen/CHANGELOG.md new file mode 100644 index 0000000000000..a446842f55d80 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/make-fetch-happen/CHANGELOG.md @@ -0,0 +1,555 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [4.0.2](https://github.com/zkat/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) + + + + +## [4.0.1](https://github.com/zkat/make-fetch-happen/compare/v4.0.0...v4.0.1) (2018-04-12) + + +### Bug Fixes + +* **integrity:** use new sri.match() for verification ([4f371a0](https://github.com/zkat/make-fetch-happen/commit/4f371a0)) + + + + +# [4.0.0](https://github.com/zkat/make-fetch-happen/compare/v3.0.0...v4.0.0) (2018-04-09) + + +### meta + +* drop node@4, add node@9 ([7b0191a](https://github.com/zkat/make-fetch-happen/commit/7b0191a)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +# [3.0.0](https://github.com/zkat/make-fetch-happen/compare/v2.6.0...v3.0.0) (2018-03-12) + + +### Bug Fixes + +* **license:** switch to ISC ([#49](https://github.com/zkat/make-fetch-happen/issues/49)) ([bf90c6d](https://github.com/zkat/make-fetch-happen/commit/bf90c6d)) +* **standard:** standard@11 update ([ff0aa70](https://github.com/zkat/make-fetch-happen/commit/ff0aa70)) + + +### BREAKING CHANGES + +* **license:** license changed from CC0 to ISC. + + + + +# [2.6.0](https://github.com/zkat/make-fetch-happen/compare/v2.5.0...v2.6.0) (2017-11-14) + + +### Bug Fixes + +* **integrity:** disable node-fetch compress when checking integrity (#42) ([a7cc74c](https://github.com/zkat/make-fetch-happen/commit/a7cc74c)) + + +### Features + +* **onretry:** Add `options.onRetry` (#48) ([f90ccff](https://github.com/zkat/make-fetch-happen/commit/f90ccff)) + + + + +# [2.5.0](https://github.com/zkat/make-fetch-happen/compare/v2.4.13...v2.5.0) (2017-08-24) + + +### Bug Fixes + +* **agent:** support timeout durations greater than 30 seconds ([04875ae](https://github.com/zkat/make-fetch-happen/commit/04875ae)), closes [#35](https://github.com/zkat/make-fetch-happen/issues/35) + + +### Features + +* **cache:** export cache deletion functionality (#40) ([3da4250](https://github.com/zkat/make-fetch-happen/commit/3da4250)) + + + + +## [2.4.13](https://github.com/zkat/make-fetch-happen/compare/v2.4.12...v2.4.13) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump other deps for bugfixes ([eab8297](https://github.com/zkat/make-fetch-happen/commit/eab8297)) +* **proxy:** bump proxy deps with bugfixes (#32) ([632f860](https://github.com/zkat/make-fetch-happen/commit/632f860)), closes [#32](https://github.com/zkat/make-fetch-happen/issues/32) + + + + +## [2.4.12](https://github.com/zkat/make-fetch-happen/compare/v2.4.11...v2.4.12) (2017-06-06) + + +### Bug Fixes + +* **cache:** encode x-local-cache-etc headers to be header-safe ([dc9fb1b](https://github.com/zkat/make-fetch-happen/commit/dc9fb1b)) + + + + +## [2.4.11](https://github.com/zkat/make-fetch-happen/compare/v2.4.10...v2.4.11) (2017-06-05) + + +### Bug Fixes + +* **deps:** bump deps with ssri fix ([bef1994](https://github.com/zkat/make-fetch-happen/commit/bef1994)) + + + + +## [2.4.10](https://github.com/zkat/make-fetch-happen/compare/v2.4.9...v2.4.10) (2017-05-31) + + +### Bug Fixes + +* **deps:** bump dep versions with bugfixes ([0af4003](https://github.com/zkat/make-fetch-happen/commit/0af4003)) +* **proxy:** use auth parameter for proxy authentication (#30) ([c687306](https://github.com/zkat/make-fetch-happen/commit/c687306)) + + + + +## [2.4.9](https://github.com/zkat/make-fetch-happen/compare/v2.4.8...v2.4.9) (2017-05-25) + + +### Bug Fixes + +* **cache:** use the passed-in promise for resolving cache stuff ([4c46257](https://github.com/zkat/make-fetch-happen/commit/4c46257)) + + + + +## [2.4.8](https://github.com/zkat/make-fetch-happen/compare/v2.4.7...v2.4.8) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid/Promise through to cache ([a847c92](https://github.com/zkat/make-fetch-happen/commit/a847c92)) + + + + +## [2.4.7](https://github.com/zkat/make-fetch-happen/compare/v2.4.6...v2.4.7) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([fc2a587](https://github.com/zkat/make-fetch-happen/commit/fc2a587)) + + + + +## [2.4.6](https://github.com/zkat/make-fetch-happen/compare/v2.4.5...v2.4.6) (2017-05-24) + + +### Bug Fixes + +* **proxy:** choose agent for http(s)-proxy by protocol of destUrl ([ea4832a](https://github.com/zkat/make-fetch-happen/commit/ea4832a)) +* **proxy:** make socks proxy working ([1de810a](https://github.com/zkat/make-fetch-happen/commit/1de810a)) +* **proxy:** revert previous proxy solution ([563b0d8](https://github.com/zkat/make-fetch-happen/commit/563b0d8)) + + + + +## [2.4.5](https://github.com/zkat/make-fetch-happen/compare/v2.4.4...v2.4.5) (2017-05-24) + + +### Bug Fixes + +* **proxy:** use the destination url when determining agent ([1a714e7](https://github.com/zkat/make-fetch-happen/commit/1a714e7)) + + + + +## [2.4.4](https://github.com/zkat/make-fetch-happen/compare/v2.4.3...v2.4.4) (2017-05-23) + + +### Bug Fixes + +* **redirect:** handle redirects explicitly (#27) ([4c4af54](https://github.com/zkat/make-fetch-happen/commit/4c4af54)) + + + + +## [2.4.3](https://github.com/zkat/make-fetch-happen/compare/v2.4.2...v2.4.3) (2017-05-06) + + +### Bug Fixes + +* **redirect:** redirects now delete authorization if hosts fail to match ([c071805](https://github.com/zkat/make-fetch-happen/commit/c071805)) + + + + +## [2.4.2](https://github.com/zkat/make-fetch-happen/compare/v2.4.1...v2.4.2) (2017-05-04) + + +### Bug Fixes + +* **cache:** reduce race condition window by checking for content ([24544b1](https://github.com/zkat/make-fetch-happen/commit/24544b1)) +* **match:** Rewrite the conditional stream logic (#25) ([66bba4b](https://github.com/zkat/make-fetch-happen/commit/66bba4b)) + + + + +## [2.4.1](https://github.com/zkat/make-fetch-happen/compare/v2.4.0...v2.4.1) (2017-04-28) + + +### Bug Fixes + +* **memoization:** missed spots + allow passthrough of memo objs ([ac0cd12](https://github.com/zkat/make-fetch-happen/commit/ac0cd12)) + + + + +# [2.4.0](https://github.com/zkat/make-fetch-happen/compare/v2.3.0...v2.4.0) (2017-04-28) + + +### Bug Fixes + +* **memoize:** cacache had a broken memoizer ([8a9ed4c](https://github.com/zkat/make-fetch-happen/commit/8a9ed4c)) + + +### Features + +* **memoization:** only slurp stuff into memory if opts.memoize is not false ([0744adc](https://github.com/zkat/make-fetch-happen/commit/0744adc)) + + + + +# [2.3.0](https://github.com/zkat/make-fetch-happen/compare/v2.2.6...v2.3.0) (2017-04-27) + + +### Features + +* **agent:** added opts.strictSSL and opts.localAddress ([c35015a](https://github.com/zkat/make-fetch-happen/commit/c35015a)) +* **proxy:** Added opts.noProxy and NO_PROXY support ([f45c915](https://github.com/zkat/make-fetch-happen/commit/f45c915)) + + + + +## [2.2.6](https://github.com/zkat/make-fetch-happen/compare/v2.2.5...v2.2.6) (2017-04-26) + + +### Bug Fixes + +* **agent:** check uppercase & lowercase proxy env (#24) ([acf2326](https://github.com/zkat/make-fetch-happen/commit/acf2326)), closes [#22](https://github.com/zkat/make-fetch-happen/issues/22) +* **deps:** switch to node-fetch-npm and stop bundling ([3db603b](https://github.com/zkat/make-fetch-happen/commit/3db603b)) + + + + +## [2.2.5](https://github.com/zkat/make-fetch-happen/compare/v2.2.4...v2.2.5) (2017-04-23) + + +### Bug Fixes + +* **deps:** bump cacache and use its size feature ([926c1d3](https://github.com/zkat/make-fetch-happen/commit/926c1d3)) + + + + +## [2.2.4](https://github.com/zkat/make-fetch-happen/compare/v2.2.3...v2.2.4) (2017-04-18) + + +### Bug Fixes + +* **integrity:** hash verification issues fixed ([07f9402](https://github.com/zkat/make-fetch-happen/commit/07f9402)) + + + + +## [2.2.3](https://github.com/zkat/make-fetch-happen/compare/v2.2.2...v2.2.3) (2017-04-18) + + +### Bug Fixes + +* **staleness:** responses older than 8h were never stale :< ([b54dd75](https://github.com/zkat/make-fetch-happen/commit/b54dd75)) +* **warning:** remove spurious warning, make format more spec-compliant ([2e4f6bb](https://github.com/zkat/make-fetch-happen/commit/2e4f6bb)) + + + + +## [2.2.2](https://github.com/zkat/make-fetch-happen/compare/v2.2.1...v2.2.2) (2017-04-12) + + +### Bug Fixes + +* **retry:** stop retrying 404s ([6fafd53](https://github.com/zkat/make-fetch-happen/commit/6fafd53)) + + + + +## [2.2.1](https://github.com/zkat/make-fetch-happen/compare/v2.2.0...v2.2.1) (2017-04-10) + + +### Bug Fixes + +* **deps:** move test-only deps to devDeps ([2daaf80](https://github.com/zkat/make-fetch-happen/commit/2daaf80)) + + + + +# [2.2.0](https://github.com/zkat/make-fetch-happen/compare/v2.1.0...v2.2.0) (2017-04-09) + + +### Bug Fixes + +* **cache:** treat caches as private ([57b7dc2](https://github.com/zkat/make-fetch-happen/commit/57b7dc2)) + + +### Features + +* **retry:** accept shorthand retry settings ([dfed69d](https://github.com/zkat/make-fetch-happen/commit/dfed69d)) + + + + +# [2.1.0](https://github.com/zkat/make-fetch-happen/compare/v2.0.4...v2.1.0) (2017-04-09) + + +### Features + +* **cache:** cache now obeys Age and a variety of other things (#13) ([7b9652d](https://github.com/zkat/make-fetch-happen/commit/7b9652d)) + + + + +## [2.0.4](https://github.com/zkat/make-fetch-happen/compare/v2.0.3...v2.0.4) (2017-04-09) + + +### Bug Fixes + +* **agent:** accept Request as fetch input, not just strings ([b71669a](https://github.com/zkat/make-fetch-happen/commit/b71669a)) + + + + +## [2.0.3](https://github.com/zkat/make-fetch-happen/compare/v2.0.2...v2.0.3) (2017-04-09) + + +### Bug Fixes + +* **deps:** seriously ([c29e7e7](https://github.com/zkat/make-fetch-happen/commit/c29e7e7)) + + + + +## [2.0.2](https://github.com/zkat/make-fetch-happen/compare/v2.0.1...v2.0.2) (2017-04-09) + + +### Bug Fixes + +* **deps:** use bundleDeps instead ([c36ebf0](https://github.com/zkat/make-fetch-happen/commit/c36ebf0)) + + + + +## [2.0.1](https://github.com/zkat/make-fetch-happen/compare/v2.0.0...v2.0.1) (2017-04-09) + + +### Bug Fixes + +* **deps:** make sure node-fetch tarball included in release ([3bf49d1](https://github.com/zkat/make-fetch-happen/commit/3bf49d1)) + + + + +# [2.0.0](https://github.com/zkat/make-fetch-happen/compare/v1.7.0...v2.0.0) (2017-04-09) + + +### Bug Fixes + +* **deps:** manually pull in newer node-fetch to avoid babel prod dep ([66e5e87](https://github.com/zkat/make-fetch-happen/commit/66e5e87)) +* **retry:** be more specific about when we retry ([a47b782](https://github.com/zkat/make-fetch-happen/commit/a47b782)) + + +### Features + +* **agent:** add ca/cert/key support to auto-agent (#15) ([57585a7](https://github.com/zkat/make-fetch-happen/commit/57585a7)) + + +### BREAKING CHANGES + +* **agent:** pac proxies are no longer supported. +* **retry:** Retry logic has changes. + +* 404s, 420s, and 429s all retry now. +* ENOTFOUND no longer retries. +* Only ECONNRESET, ECONNREFUSED, EADDRINUSE, ETIMEDOUT, and `request-timeout` errors are retried. + + + + +# [1.7.0](https://github.com/zkat/make-fetch-happen/compare/v1.6.0...v1.7.0) (2017-04-08) + + +### Features + +* **cache:** add useful headers to inform users about cached data ([9bd7b00](https://github.com/zkat/make-fetch-happen/commit/9bd7b00)) + + + + +# [1.6.0](https://github.com/zkat/make-fetch-happen/compare/v1.5.1...v1.6.0) (2017-04-06) + + +### Features + +* **agent:** better, keepalive-supporting, default http agents ([16277f6](https://github.com/zkat/make-fetch-happen/commit/16277f6)) + + + + +## [1.5.1](https://github.com/zkat/make-fetch-happen/compare/v1.5.0...v1.5.1) (2017-04-05) + + +### Bug Fixes + +* **cache:** bump cacache for its fixed error messages ([2f2b916](https://github.com/zkat/make-fetch-happen/commit/2f2b916)) +* **cache:** fix handling of errors in cache reads ([5729222](https://github.com/zkat/make-fetch-happen/commit/5729222)) + + + + +# [1.5.0](https://github.com/zkat/make-fetch-happen/compare/v1.4.0...v1.5.0) (2017-04-04) + + +### Features + +* **retry:** retry requests on 408 timeouts, too ([8d8b5bd](https://github.com/zkat/make-fetch-happen/commit/8d8b5bd)) + + + + +# [1.4.0](https://github.com/zkat/make-fetch-happen/compare/v1.3.1...v1.4.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** stop relying on BB.catch ([2b04494](https://github.com/zkat/make-fetch-happen/commit/2b04494)) + + +### Features + +* **retry:** report retry attempt number as extra header ([fd50927](https://github.com/zkat/make-fetch-happen/commit/fd50927)) + + + + +## [1.3.1](https://github.com/zkat/make-fetch-happen/compare/v1.3.0...v1.3.1) (2017-04-04) + + +### Bug Fixes + +* **cache:** pretend cache entry is missing on ENOENT ([9c2bb26](https://github.com/zkat/make-fetch-happen/commit/9c2bb26)) + + + + +# [1.3.0](https://github.com/zkat/make-fetch-happen/compare/v1.2.1...v1.3.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** if metadata is missing for some odd reason, ignore the entry ([a021a6b](https://github.com/zkat/make-fetch-happen/commit/a021a6b)) + + +### Features + +* **cache:** add special headers when request was loaded straight from cache ([8a7dbd1](https://github.com/zkat/make-fetch-happen/commit/8a7dbd1)) +* **cache:** allow configuring algorithms to be calculated on insertion ([bf4a0f2](https://github.com/zkat/make-fetch-happen/commit/bf4a0f2)) + + + + +## [1.2.1](https://github.com/zkat/make-fetch-happen/compare/v1.2.0...v1.2.1) (2017-04-03) + + +### Bug Fixes + +* **integrity:** update cacache and ssri and change EBADCHECKSUM -> EINTEGRITY ([b6cf6f6](https://github.com/zkat/make-fetch-happen/commit/b6cf6f6)) + + + + +# [1.2.0](https://github.com/zkat/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) + + +### Features + +* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/zkat/make-fetch-happen/commit/a590159)) + + + + +# [1.1.0](https://github.com/zkat/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) + + +### Features + +* **opts:** fetch.defaults() for default options ([522a65e](https://github.com/zkat/make-fetch-happen/commit/522a65e)) + + + + +## [1.0.1](https://github.com/zkat/make-fetch-happen/compare/v1.0.0...v1.0.1) (2017-04-01) + + + + +# 1.0.0 (2017-04-01) + + +### Bug Fixes + +* **cache:** default on cache-control header ([b872a2c](https://github.com/zkat/make-fetch-happen/commit/b872a2c)) +* standard stuff and cache matching ([753f2c2](https://github.com/zkat/make-fetch-happen/commit/753f2c2)) +* **agent:** nudge around things with opts.agent ([ed62b57](https://github.com/zkat/make-fetch-happen/commit/ed62b57)) +* **agent:** {agent: false} has special behavior ([b8cc923](https://github.com/zkat/make-fetch-happen/commit/b8cc923)) +* **cache:** invalidation on non-GET ([fe78fac](https://github.com/zkat/make-fetch-happen/commit/fe78fac)) +* **cache:** make force-cache and only-if-cached work as expected ([f50e9df](https://github.com/zkat/make-fetch-happen/commit/f50e9df)) +* **cache:** more spec compliance ([d5a56db](https://github.com/zkat/make-fetch-happen/commit/d5a56db)) +* **cache:** only cache 200 gets ([0abb25a](https://github.com/zkat/make-fetch-happen/commit/0abb25a)) +* **cache:** only load cache code if cache opt is a string ([250fcd5](https://github.com/zkat/make-fetch-happen/commit/250fcd5)) +* **cache:** oops ([e3fa15a](https://github.com/zkat/make-fetch-happen/commit/e3fa15a)) +* **cache:** refactored warning removal into main file ([5b0a9f9](https://github.com/zkat/make-fetch-happen/commit/5b0a9f9)) +* **cache:** req constructor no longer needed in Cache ([5b74cbc](https://github.com/zkat/make-fetch-happen/commit/5b74cbc)) +* **cache:** standard fetch api calls cacheMode "cache" ([6fba805](https://github.com/zkat/make-fetch-happen/commit/6fba805)) +* **cache:** was using wrong method for non-GET/HEAD cache invalidation ([810763a](https://github.com/zkat/make-fetch-happen/commit/810763a)) +* **caching:** a bunch of cache-related fixes ([8ebda1d](https://github.com/zkat/make-fetch-happen/commit/8ebda1d)) +* **deps:** `cacache[@6](https://github.com/6).3.0` - race condition fixes ([9528442](https://github.com/zkat/make-fetch-happen/commit/9528442)) +* **freshness:** fix regex for cacheControl matching ([070db86](https://github.com/zkat/make-fetch-happen/commit/070db86)) +* **freshness:** fixed default freshness heuristic value ([5d29e88](https://github.com/zkat/make-fetch-happen/commit/5d29e88)) +* **logging:** remove console.log calls ([a1d0a47](https://github.com/zkat/make-fetch-happen/commit/a1d0a47)) +* **method:** node-fetch guarantees uppercase ([a1d68d6](https://github.com/zkat/make-fetch-happen/commit/a1d68d6)) +* **opts:** simplified opts handling ([516fd6e](https://github.com/zkat/make-fetch-happen/commit/516fd6e)) +* **proxy:** pass proxy option directly to ProxyAgent ([3398460](https://github.com/zkat/make-fetch-happen/commit/3398460)) +* **retry:** false -> {retries: 0} ([297fbb6](https://github.com/zkat/make-fetch-happen/commit/297fbb6)) +* **retry:** only retry put if body is not a stream ([a24e599](https://github.com/zkat/make-fetch-happen/commit/a24e599)) +* **retry:** skip retries if body is a stream for ANY method ([780c0f8](https://github.com/zkat/make-fetch-happen/commit/780c0f8)) + + +### Features + +* **api:** initial implementation -- can make and cache requests ([7d55b49](https://github.com/zkat/make-fetch-happen/commit/7d55b49)) +* **fetch:** injectable cache, and retry support ([87b84bf](https://github.com/zkat/make-fetch-happen/commit/87b84bf)) + + +### BREAKING CHANGES + +* **cache:** opts.cache -> opts.cacheManager; opts.cacheMode -> opts.cache +* **fetch:** opts.cache accepts a Cache-like obj or a path. Requests are now retried. +* **api:** actual api implemented diff --git a/node_modules/libnpmteam/node_modules/make-fetch-happen/LICENSE b/node_modules/libnpmteam/node_modules/make-fetch-happen/LICENSE new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/make-fetch-happen/LICENSE @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmteam/node_modules/make-fetch-happen/README.md b/node_modules/libnpmteam/node_modules/make-fetch-happen/README.md new file mode 100644 index 0000000000000..4d12d8dae7e31 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/make-fetch-happen/README.md @@ -0,0 +1,404 @@ +# make-fetch-happen [![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/zkat/make-fetch-happen.svg)](https://travis-ci.org/zkat/make-fetch-happen) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/make-fetch-happen?svg=true)](https://ci.appveyor.com/project/zkat/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/zkat/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/zkat/make-fetch-happen?branch=latest) + + +[`make-fetch-happen`](https://github.com/zkat/make-fetch-happen) is a Node.js +library that wraps [`node-fetch-npm`](https://github.com/npm/node-fetch-npm) with additional +features [`node-fetch`](https://github.com/bitinn/node-fetch) doesn't intend to include, including HTTP Cache support, request +pooling, proxies, retries, [and more](#features)! + +## Install + +`$ npm install --save make-fetch-happen` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.defaults`](#fetch-defaults) + * [`node-fetch` options](#node-fetch-options) + * [`make-fetch-happen` options](#extra-options) + * [`opts.cacheManager`](#opts-cache-manager) + * [`opts.cache`](#opts-cache) + * [`opts.proxy`](#opts-proxy) + * [`opts.noProxy`](#opts-no-proxy) + * [`opts.ca, opts.cert, opts.key`](#https-opts) + * [`opts.maxSockets`](#opts-max-sockets) + * [`opts.retry`](#opts-retry) + * [`opts.onRetry`](#opts-onretry) + * [`opts.integrity`](#opts-integrity) +* [Message From Our Sponsors](#wow) + +### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' // path where cache will be written (and read) +}) + +fetch('https://registry.npmjs.org/make-fetch-happen').then(res => { + return res.json() // download the body as JSON +}).then(body => { + console.log(`got ${body.name} from web`) + return fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'no-cache' // forces a conditional request + }) +}).then(res => { + console.log(res.status) // 304! cache validated! + return res.json().then(body => { + console.log(`got ${body.name} from cache`) + }) +}) +``` + +### Features + +* Builds around [`node-fetch`](https://npm.im/node-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation +* Request pooling out of the box +* Quite fast, really +* Automatic HTTP-semantics-aware request retries +* Cache-fallback automatic "offline mode" +* Proxy support (http, https, socks, socks4, socks5) +* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc). +* Customize cache storage with any [Cache API](https://developer.mozilla.org/en-US/docs/Web/API/Cache)-compliant `Cache` instance. Cache to Redis! +* Node.js Stream support +* Transparent gzip and deflate support +* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support +* Literally punches nazis +* (PENDING) Range request caching and resuming + +### Contributing + +The make-fetch-happen team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(uriOrRequest, [opts]) -> Promise` + +This function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response. + +If `opts` is provided, the [`node-fetch`-specific options](#node-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more. + +##### Example + +```javascript +fetch('https://google.com').then(res => res.buffer()) +``` + +#### `> fetch.defaults([defaultUrl], [defaultOpts])` + +Returns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls. + +A defaulted `fetch` will also have a `.defaults()` method, so they can be chained. + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-local-cache' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache +``` + +#### `> node-fetch options` + +The following options for `node-fetch` are used as-is: + +* method +* body +* redirect +* follow +* timeout +* compress +* size + +These other options are modified or augmented by make-fetch-happen: + +* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`. +* agent + * If agent is null, an http or https Agent will be automatically used. By default, these will be `http.globalAgent` and `https.globalAgent`. + * If [`opts.proxy`](#opts-proxy) is provided and `opts.agent` is null, the agent will be set to an appropriate proxy-handling agent. + * If `opts.agent` is an object, it will be used as the request-pooling agent argument for this request. + * If `opts.agent` is `false`, it will be passed as-is to the underlying request library. This causes a new Agent to be spawned for every request. + +For more details, see [the documentation for `node-fetch` itself](https://github.com/bitinn/node-fetch#options). + +#### `> make-fetch-happen options` + +make-fetch-happen augments the `node-fetch` API with additional features available through extra options. The following extra options are available: + +* [`opts.cacheManager`](#opts-cache-manager) - Cache target to read/write +* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*. +* [`opts.proxy`](#opts-proxy) - Proxy agent +* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for. +* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts) +* [`opts.localAddress`](#opts-local-address) +* [`opts.maxSockets`](#opts-max-sockets) +* [`opts.retry`](#opts-retry) - Request retry settings +* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted +* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. + +#### `> opts.cacheManager` + +Either a `String` or a `Cache`. If the former, it will be assumed to be a `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache). + +If an object is provided, it will be assumed to be a compliant [`Cache` instance](https://developer.mozilla.org/en-US/docs/Web/API/Cache). Only `Cache.match()`, `Cache.put()`, and `Cache.delete()` are required. Options objects will not be passed in to `match()` or `delete()`. + +By implementing this API, you can customize the storage backend for make-fetch-happen itself -- for example, you could implement a cache that uses `redis` for caching, or simply keeps everything in memory. Most of the caching logic exists entirely on the make-fetch-happen side, so the only thing you need to worry about is reading, writing, and deleting, as well as making sure `fetch.Response` objects are what gets returned. + +You can refer to `cache.js` in the make-fetch-happen source code for a reference implementation. + +**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written. + +The default cache manager also adds the following headers to cached responses: + +* `X-Local-Cache`: Path to the cache the content was found in +* `X-Local-Cache-Key`: Unique cache entry key for this response +* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry +* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry + +Using [`cacache`](https://npm.im/cacache), a call like this may be used to +manually fetch the cached entry: + +```javascript +const h = response.headers +cacache.get(h.get('x-local-cache'), h.get('x-local-cache-key')) + +// grab content only, directly: +cacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash')) +``` + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + cacheManager: './my-local-cache' +}) // -> 200-level response will be written to disk + +fetch('https://npm.im/cacache', { + cacheManager: new MyCustomRedisCache(process.env.PORT) +}) // -> 200-level response will be written to redis +``` + +A possible (minimal) implementation for `MyCustomRedisCache`: + +```javascript +const bluebird = require('bluebird') +const redis = require("redis") +bluebird.promisifyAll(redis.RedisClient.prototype) +class MyCustomRedisCache { + constructor (opts) { + this.redis = redis.createClient(opts) + } + match (req) { + return this.redis.getAsync(req.url).then(res => { + if (res) { + const parsed = JSON.parse(res) + return new fetch.Response(parsed.body, { + url: req.url, + headers: parsed.headers, + status: 200 + }) + } + }) + } + put (req, res) { + return res.buffer().then(body => { + return this.redis.setAsync(req.url, JSON.stringify({ + body: body, + headers: res.headers.raw() + })) + }).then(() => { + // return the response itself + return res + }) + } + 'delete' (req) { + return this.redis.unlinkAsync(req.url) + } +} +``` + +#### `> opts.cache` + +This option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cacheManager`](#opts-cache-manager) is null. The following values are accepted (as strings): + +* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned. +* `no-store` - Fetch behaves as if there is no HTTP cache at all. +* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response. +* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response. +* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response. +* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is "same-origin". Any cached redirects will be followed assuming request’s redirect mode is "follow" and the redirects do not violate request’s mode.) + +(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch) + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' +}) + +// Will error with ENOTCACHED if we haven't already cached this url +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'only-if-cached' +}) + +// Will refresh any local content and cache the new response +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'reload' +}) + +// Will use any local data, even if stale. Otherwise, will hit network. +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'force-cache' +}) +``` + +#### `> opts.proxy` + +A string or `url.parse`-d URI to proxy through. Different Proxy handlers will be +used depending on the proxy's protocol. + +Additionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and +`process.env.PROXY` are used if present and no `opts.proxy` value is provided. + +(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: 'https://corporate.yourcompany.proxy:4445' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: { + protocol: 'https:', + hostname: 'corporate.yourcompany.proxy', + port: 4445 + } +}) +``` + +#### `> opts.noProxy` + +If present, should be a comma-separated string or an array of domain extensions +that a proxy should _not_ be used for. + +This option may also be provided through `process.env.NO_PROXY`. + +#### `> opts.ca, opts.cert, opts.key, opts.strictSSL` + +These values are passed in directly to the HTTPS agent and will be used for both +proxied and unproxied outgoing HTTPS requests. They mostly correspond to the +same options the `https` module accepts, which will be themselves passed to +`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`. + +#### `> opts.localAddress` + +Passed directly to `http` and `https` request calls. Determines the local +address to bind to. + +#### `> opts.maxSockets` + +Default: 15 + +Maximum number of active concurrent sockets to use for the underlying +Http/Https/Proxy agents. This setting applies once per spawned agent. + +15 is probably a _pretty good value_ for most use-cases, and balances speed +with, uh, not knocking out people's routers. 🤓 + +#### `> opts.retry` + +An object that can be used to tune request retry settings. Retries will only be attempted on the following conditions: + +* Request method is NOT `POST` AND +* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR +* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`. + +The following are worth noting as explicitly not retried: + +* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately. +* `ECONNRESET` currently has no support for restarting. It will eventually be supported but requires a bit more juggling due to streaming. + +If `opts.retry` is `false`, it is equivalent to `{retries: 0}` + +If `opts.retry` is a number, it is equivalent to `{retries: num}` + +The following retry options are available if you want more control over it: + +* retries +* factor +* minTimeout +* maxTimeout +* randomize + +For details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + retry: { + retries: 10, + randomize: true + } +}) + +fetch('http://reliable.site.com', { + retry: false +}) + +fetch('http://one-more.site.com', { + retry: 3 +}) +``` + +#### `> opts.onRetry` + +A function called whenever a retry is attempted. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + onRetry() { + console.log('we will retry!') + } +}) +``` + +#### `> opts.integrity` + +Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error. + +`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // -> ok + +fetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // Error: EINTEGRITY +``` + +### Message From Our Sponsors + +![](stop.gif) + +![](happening.gif) diff --git a/node_modules/libnpmteam/node_modules/make-fetch-happen/agent.js b/node_modules/libnpmteam/node_modules/make-fetch-happen/agent.js new file mode 100644 index 0000000000000..55675946ad97d --- /dev/null +++ b/node_modules/libnpmteam/node_modules/make-fetch-happen/agent.js @@ -0,0 +1,171 @@ +'use strict' +const LRU = require('lru-cache') +const url = require('url') + +let AGENT_CACHE = new LRU({ max: 50 }) +let HttpsAgent +let HttpAgent + +module.exports = getAgent + +function getAgent (uri, opts) { + const parsedUri = url.parse(typeof uri === 'string' ? uri : uri.url) + const isHttps = parsedUri.protocol === 'https:' + const pxuri = getProxyUri(uri, opts) + + const key = [ + `https:${isHttps}`, + pxuri + ? `proxy:${pxuri.protocol}//${pxuri.host}:${pxuri.port}` + : '>no-proxy<', + `local-address:${opts.localAddress || '>no-local-address<'}`, + `strict-ssl:${isHttps ? !!opts.strictSSL : '>no-strict-ssl<'}`, + `ca:${(isHttps && opts.ca) || '>no-ca<'}`, + `cert:${(isHttps && opts.cert) || '>no-cert<'}`, + `key:${(isHttps && opts.key) || '>no-key<'}` + ].join(':') + + if (opts.agent != null) { // `agent: false` has special behavior! + return opts.agent + } + + if (AGENT_CACHE.peek(key)) { + return AGENT_CACHE.get(key) + } + + if (pxuri) { + const proxy = getProxy(pxuri, opts, isHttps) + AGENT_CACHE.set(key, proxy) + return proxy + } + + if (isHttps && !HttpsAgent) { + HttpsAgent = require('agentkeepalive').HttpsAgent + } else if (!isHttps && !HttpAgent) { + HttpAgent = require('agentkeepalive') + } + + // If opts.timeout is zero, set the agentTimeout to zero as well. A timeout + // of zero disables the timeout behavior (OS limits still apply). Else, if + // opts.timeout is a non-zero value, set it to timeout + 1, to ensure that + // the node-fetch-npm timeout will always fire first, giving us more + // consistent errors. + const agentTimeout = opts.timeout === 0 ? 0 : opts.timeout + 1 + + const agent = isHttps ? new HttpsAgent({ + maxSockets: opts.maxSockets || 15, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + localAddress: opts.localAddress, + rejectUnauthorized: opts.strictSSL, + timeout: agentTimeout + }) : new HttpAgent({ + maxSockets: opts.maxSockets || 15, + localAddress: opts.localAddress, + timeout: agentTimeout + }) + AGENT_CACHE.set(key, agent) + return agent +} + +function checkNoProxy (uri, opts) { + const host = url.parse(uri).hostname.split('.').reverse() + let noproxy = (opts.noProxy || getProcessEnv('no_proxy')) + if (typeof noproxy === 'string') { + noproxy = noproxy.split(/\s*,\s*/g) + } + return noproxy && noproxy.some(no => { + const noParts = no.split('.').filter(x => x).reverse() + if (!noParts.length) { return false } + for (let i = 0; i < noParts.length; i++) { + if (host[i] !== noParts[i]) { + return false + } + } + return true + }) +} + +module.exports.getProcessEnv = getProcessEnv + +function getProcessEnv (env) { + if (!env) { return } + + let value + + if (Array.isArray(env)) { + for (let e of env) { + value = process.env[e] || + process.env[e.toUpperCase()] || + process.env[e.toLowerCase()] + if (typeof value !== 'undefined') { break } + } + } + + if (typeof env === 'string') { + value = process.env[env] || + process.env[env.toUpperCase()] || + process.env[env.toLowerCase()] + } + + return value +} + +function getProxyUri (uri, opts) { + const protocol = url.parse(uri).protocol + + const proxy = opts.proxy || ( + protocol === 'https:' && getProcessEnv('https_proxy') + ) || ( + protocol === 'http:' && getProcessEnv(['https_proxy', 'http_proxy', 'proxy']) + ) + if (!proxy) { return null } + + const parsedProxy = (typeof proxy === 'string') ? url.parse(proxy) : proxy + + return !checkNoProxy(uri, opts) && parsedProxy +} + +let HttpProxyAgent +let HttpsProxyAgent +let SocksProxyAgent +function getProxy (proxyUrl, opts, isHttps) { + let popts = { + host: proxyUrl.hostname, + port: proxyUrl.port, + protocol: proxyUrl.protocol, + path: proxyUrl.path, + auth: proxyUrl.auth, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + timeout: opts.timeout === 0 ? 0 : opts.timeout + 1, + localAddress: opts.localAddress, + maxSockets: opts.maxSockets || 15, + rejectUnauthorized: opts.strictSSL + } + + if (proxyUrl.protocol === 'http:' || proxyUrl.protocol === 'https:') { + if (!isHttps) { + if (!HttpProxyAgent) { + HttpProxyAgent = require('http-proxy-agent') + } + + return new HttpProxyAgent(popts) + } else { + if (!HttpsProxyAgent) { + HttpsProxyAgent = require('https-proxy-agent') + } + + return new HttpsProxyAgent(popts) + } + } + if (proxyUrl.protocol.startsWith('socks')) { + if (!SocksProxyAgent) { + SocksProxyAgent = require('socks-proxy-agent') + } + + return new SocksProxyAgent(popts) + } +} diff --git a/node_modules/libnpmteam/node_modules/make-fetch-happen/cache.js b/node_modules/libnpmteam/node_modules/make-fetch-happen/cache.js new file mode 100644 index 0000000000000..0c519e69fbe81 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/make-fetch-happen/cache.js @@ -0,0 +1,249 @@ +'use strict' + +const cacache = require('cacache') +const fetch = require('node-fetch-npm') +const pipe = require('mississippi').pipe +const ssri = require('ssri') +const through = require('mississippi').through +const to = require('mississippi').to +const url = require('url') +const stream = require('stream') + +const MAX_MEM_SIZE = 5 * 1024 * 1024 // 5MB + +function cacheKey (req) { + const parsed = url.parse(req.url) + return `make-fetch-happen:request-cache:${ + url.format({ + protocol: parsed.protocol, + slashes: parsed.slashes, + host: parsed.host, + hostname: parsed.hostname, + pathname: parsed.pathname + }) + }` +} + +// This is a cacache-based implementation of the Cache standard, +// using node-fetch. +// docs: https://developer.mozilla.org/en-US/docs/Web/API/Cache +// +module.exports = class Cache { + constructor (path, opts) { + this._path = path + this._uid = opts && opts.uid + this._gid = opts && opts.gid + this.Promise = (opts && opts.Promise) || Promise + } + + // Returns a Promise that resolves to the response associated with the first + // matching request in the Cache object. + match (req, opts) { + opts = opts || {} + const key = cacheKey(req) + return cacache.get.info(this._path, key).then(info => { + return info && cacache.get.hasContent( + this._path, info.integrity, opts + ).then(exists => exists && info) + }).then(info => { + if (info && info.metadata && matchDetails(req, { + url: info.metadata.url, + reqHeaders: new fetch.Headers(info.metadata.reqHeaders), + resHeaders: new fetch.Headers(info.metadata.resHeaders), + cacheIntegrity: info.integrity, + integrity: opts && opts.integrity + })) { + const resHeaders = new fetch.Headers(info.metadata.resHeaders) + addCacheHeaders(resHeaders, this._path, key, info.integrity, info.time) + if (req.method === 'HEAD') { + return new fetch.Response(null, { + url: req.url, + headers: resHeaders, + status: 200 + }) + } + let body + const cachePath = this._path + // avoid opening cache file handles until a user actually tries to + // read from it. + if (opts.memoize !== false && info.size > MAX_MEM_SIZE) { + body = new stream.PassThrough() + const realRead = body._read + body._read = function (size) { + body._read = realRead + pipe( + cacache.get.stream.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }), + body, + err => body.emit(err)) + return realRead.call(this, size) + } + } else { + let readOnce = false + // cacache is much faster at bulk reads + body = new stream.Readable({ + read () { + if (readOnce) return this.push(null) + readOnce = true + cacache.get.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }).then(data => { + this.push(data) + this.push(null) + }, err => this.emit('error', err)) + } + }) + } + return this.Promise.resolve(new fetch.Response(body, { + url: req.url, + headers: resHeaders, + status: 200, + size: info.size + })) + } + }) + } + + // Takes both a request and its response and adds it to the given cache. + put (req, response, opts) { + opts = opts || {} + const size = response.headers.get('content-length') + const fitInMemory = !!size && opts.memoize !== false && size < MAX_MEM_SIZE + const ckey = cacheKey(req) + const cacheOpts = { + algorithms: opts.algorithms, + metadata: { + url: req.url, + reqHeaders: req.headers.raw(), + resHeaders: response.headers.raw() + }, + uid: this._uid, + gid: this._gid, + size, + memoize: fitInMemory && opts.memoize + } + if (req.method === 'HEAD' || response.status === 304) { + // Update metadata without writing + return cacache.get.info(this._path, ckey).then(info => { + // Providing these will bypass content write + cacheOpts.integrity = info.integrity + addCacheHeaders( + response.headers, this._path, ckey, info.integrity, info.time + ) + return new this.Promise((resolve, reject) => { + pipe( + cacache.get.stream.byDigest(this._path, info.integrity, cacheOpts), + cacache.put.stream(this._path, cacheKey(req), cacheOpts), + err => err ? reject(err) : resolve(response) + ) + }) + }).then(() => response) + } + let buf = [] + let bufSize = 0 + let cacheTargetStream = false + const cachePath = this._path + let cacheStream = to((chunk, enc, cb) => { + if (!cacheTargetStream) { + if (fitInMemory) { + cacheTargetStream = + to({highWaterMark: MAX_MEM_SIZE}, (chunk, enc, cb) => { + buf.push(chunk) + bufSize += chunk.length + cb() + }, done => { + cacache.put( + cachePath, + cacheKey(req), + Buffer.concat(buf, bufSize), + cacheOpts + ).then( + () => done(), + done + ) + }) + } else { + cacheTargetStream = + cacache.put.stream(cachePath, cacheKey(req), cacheOpts) + } + } + cacheTargetStream.write(chunk, enc, cb) + }, done => { + cacheTargetStream ? cacheTargetStream.end(done) : done() + }) + const oldBody = response.body + const newBody = through({highWaterMark: fitInMemory && MAX_MEM_SIZE}) + response.body = newBody + oldBody.once('error', err => newBody.emit('error', err)) + newBody.once('error', err => oldBody.emit('error', err)) + cacheStream.once('error', err => newBody.emit('error', err)) + pipe(oldBody, to((chunk, enc, cb) => { + cacheStream.write(chunk, enc, () => { + newBody.write(chunk, enc, cb) + }) + }, done => { + cacheStream.end(() => { + newBody.end(() => { + done() + }) + }) + }), err => err && newBody.emit('error', err)) + return response + } + + // Finds the Cache entry whose key is the request, and if found, deletes the + // Cache entry and returns a Promise that resolves to true. If no Cache entry + // is found, it returns false. + 'delete' (req, opts) { + opts = opts || {} + if (typeof opts.memoize === 'object') { + if (opts.memoize.reset) { + opts.memoize.reset() + } else if (opts.memoize.clear) { + opts.memoize.clear() + } else { + Object.keys(opts.memoize).forEach(k => { + opts.memoize[k] = null + }) + } + } + return cacache.rm.entry( + this._path, + cacheKey(req) + // TODO - true/false + ).then(() => false) + } +} + +function matchDetails (req, cached) { + const reqUrl = url.parse(req.url) + const cacheUrl = url.parse(cached.url) + const vary = cached.resHeaders.get('Vary') + // https://tools.ietf.org/html/rfc7234#section-4.1 + if (vary) { + if (vary.match(/\*/)) { + return false + } else { + const fieldsMatch = vary.split(/\s*,\s*/).every(field => { + return cached.reqHeaders.get(field) === req.headers.get(field) + }) + if (!fieldsMatch) { + return false + } + } + } + if (cached.integrity) { + return ssri.parse(cached.integrity).match(cached.cacheIntegrity) + } + reqUrl.hash = null + cacheUrl.hash = null + return url.format(reqUrl) === url.format(cacheUrl) +} + +function addCacheHeaders (resHeaders, path, key, hash, time) { + resHeaders.set('X-Local-Cache', encodeURIComponent(path)) + resHeaders.set('X-Local-Cache-Key', encodeURIComponent(key)) + resHeaders.set('X-Local-Cache-Hash', encodeURIComponent(hash)) + resHeaders.set('X-Local-Cache-Time', new Date(time).toUTCString()) +} diff --git a/node_modules/libnpmteam/node_modules/make-fetch-happen/index.js b/node_modules/libnpmteam/node_modules/make-fetch-happen/index.js new file mode 100644 index 0000000000000..0f2c164e19f28 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/make-fetch-happen/index.js @@ -0,0 +1,482 @@ +'use strict' + +let Cache +const url = require('url') +const CachePolicy = require('http-cache-semantics') +const fetch = require('node-fetch-npm') +const pkg = require('./package.json') +const retry = require('promise-retry') +let ssri +const Stream = require('stream') +const getAgent = require('./agent') +const setWarning = require('./warning') + +const isURL = /^https?:/ +const USER_AGENT = `${pkg.name}/${pkg.version} (+https://npm.im/${pkg.name})` + +const RETRY_ERRORS = [ + 'ECONNRESET', // remote socket closed on us + 'ECONNREFUSED', // remote host refused to open connection + 'EADDRINUSE', // failed to bind to a local port (proxy?) + 'ETIMEDOUT' // someone in the transaction is WAY TOO SLOW + // Known codes we do NOT retry on: + // ENOTFOUND (getaddrinfo failure. Either bad hostname, or offline) +] + +const RETRY_TYPES = [ + 'request-timeout' +] + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +module.exports = cachingFetch +cachingFetch.defaults = function (_uri, _opts) { + const fetch = this + if (typeof _uri === 'object') { + _opts = _uri + _uri = null + } + + function defaultedFetch (uri, opts) { + const finalOpts = Object.assign({}, _opts || {}, opts || {}) + return fetch(uri || _uri, finalOpts) + } + + defaultedFetch.defaults = fetch.defaults + defaultedFetch.delete = fetch.delete + return defaultedFetch +} + +cachingFetch.delete = cacheDelete +function cacheDelete (uri, opts) { + opts = configureOptions(opts) + if (opts.cacheManager) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + return opts.cacheManager.delete(req, opts) + } +} + +function initializeCache (opts) { + if (typeof opts.cacheManager === 'string') { + if (!Cache) { + // Default cacache-based cache + Cache = require('./cache') + } + + opts.cacheManager = new Cache(opts.cacheManager, opts) + } + + opts.cache = opts.cache || 'default' + + if (opts.cache === 'default' && isHeaderConditional(opts.headers)) { + // If header list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, fetch will set cache + // mode to "no-store" if it is "default". + opts.cache = 'no-store' + } +} + +function configureOptions (_opts) { + const opts = Object.assign({}, _opts || {}) + opts.method = (opts.method || 'GET').toUpperCase() + + if (opts.retry && typeof opts.retry === 'number') { + opts.retry = { retries: opts.retry } + } + + if (opts.retry === false) { + opts.retry = { retries: 0 } + } + + if (opts.cacheManager) { + initializeCache(opts) + } + + return opts +} + +function initializeSsri () { + if (!ssri) { + ssri = require('ssri') + } +} + +function cachingFetch (uri, _opts) { + const opts = configureOptions(_opts) + + if (opts.integrity) { + initializeSsri() + // if verifying integrity, node-fetch must not decompress + opts.compress = false + } + + const isCachable = (opts.method === 'GET' || opts.method === 'HEAD') && + opts.cacheManager && + opts.cache !== 'no-store' && + opts.cache !== 'reload' + + if (isCachable) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + + return opts.cacheManager.match(req, opts).then(res => { + if (res) { + const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) + if (warningCode && +warningCode >= 100 && +warningCode < 200) { + // https://tools.ietf.org/html/rfc7234#section-4.3.4 + // + // If a stored response is selected for update, the cache MUST: + // + // * delete any Warning header fields in the stored response with + // warn-code 1xx (see Section 5.5); + // + // * retain any Warning header fields in the stored response with + // warn-code 2xx; + // + res.headers.delete('Warning') + } + + if (opts.cache === 'default' && !isStale(req, res)) { + return res + } + + if (opts.cache === 'default' || opts.cache === 'no-cache') { + return conditionalFetch(req, res, opts) + } + + if (opts.cache === 'force-cache' || opts.cache === 'only-if-cached') { + // 112 Disconnected operation + // SHOULD be included if the cache is intentionally disconnected from + // the rest of the network for a period of time. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(res, 112, 'Disconnected operation') + return res + } + } + + if (!res && opts.cache === 'only-if-cached') { + const errorMsg = `request to ${ + uri + } failed: cache mode is 'only-if-cached' but no cached response available.` + + const err = new Error(errorMsg) + err.code = 'ENOTCACHED' + throw err + } + + // Missing cache entry, or mode is default (if stale), reload, no-store + return remoteFetch(req.url, opts) + }) + } + + return remoteFetch(uri, opts) +} + +function iterableToObject (iter) { + const obj = {} + for (let k of iter.keys()) { + obj[k] = iter.get(k) + } + return obj +} + +function makePolicy (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + const _res = { + status: res.status, + headers: iterableToObject(res.headers) + } + + return new CachePolicy(_req, _res, { shared: false }) +} + +// https://tools.ietf.org/html/rfc7234#section-4.2 +function isStale (req, res) { + if (!res) { + return null + } + + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + + const policy = makePolicy(req, res) + + const responseTime = res.headers.get('x-local-cache-time') || + res.headers.get('date') || + 0 + + policy._responseTime = new Date(responseTime) + + const bool = !policy.satisfiesWithoutRevalidation(_req) + return bool +} + +function mustRevalidate (res) { + return (res.headers.get('cache-control') || '').match(/must-revalidate/i) +} + +function conditionalFetch (req, cachedRes, opts) { + const _req = { + url: req.url, + method: req.method, + headers: Object.assign({}, opts.headers || {}) + } + + const policy = makePolicy(req, cachedRes) + opts.headers = policy.revalidationHeaders(_req) + + return remoteFetch(req.url, opts) + .then(condRes => { + const revalidatedPolicy = policy.revalidatedPolicy(_req, { + status: condRes.status, + headers: iterableToObject(condRes.headers) + }) + + if (condRes.status >= 500 && !mustRevalidate(cachedRes)) { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + return cachedRes + } + + if (condRes.status === 304) { // 304 Not Modified + condRes.body = cachedRes.body + return opts.cacheManager.put(req, condRes, opts) + .then(newRes => { + newRes.headers = new fetch.Headers(revalidatedPolicy.policy.responseHeaders()) + return newRes + }) + } + + return condRes + }) + .then(res => res) + .catch(err => { + if (mustRevalidate(cachedRes)) { + throw err + } else { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + // 199 Miscellaneous warning + // The warning text MAY include arbitrary information to be presented to + // a human user, or logged. A system receiving this warning MUST NOT take + // any automated action, besides presenting the warning to the user. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning( + cachedRes, + 199, + `Miscellaneous Warning ${err.code}: ${err.message}` + ) + + return cachedRes + } + }) +} + +function remoteFetchHandleIntegrity (res, integrity) { + const oldBod = res.body + const newBod = ssri.integrityStream({ + integrity + }) + oldBod.pipe(newBod) + res.body = newBod + oldBod.once('error', err => { + newBod.emit('error', err) + }) + newBod.once('error', err => { + oldBod.emit('error', err) + }) +} + +function remoteFetch (uri, opts) { + const agent = getAgent(uri, opts) + const headers = Object.assign({ + 'connection': agent ? 'keep-alive' : 'close', + 'user-agent': USER_AGENT + }, opts.headers || {}) + + const reqOpts = { + agent, + body: opts.body, + compress: opts.compress, + follow: opts.follow, + headers: new fetch.Headers(headers), + method: opts.method, + redirect: 'manual', + size: opts.size, + counter: opts.counter, + timeout: opts.timeout + } + + return retry( + (retryHandler, attemptNum) => { + const req = new fetch.Request(uri, reqOpts) + return fetch(req) + .then(res => { + res.headers.set('x-fetch-attempts', attemptNum) + + if (opts.integrity) { + remoteFetchHandleIntegrity(res, opts.integrity) + } + + const isStream = req.body instanceof Stream + + if (opts.cacheManager) { + const isMethodGetHead = req.method === 'GET' || + req.method === 'HEAD' + + const isCachable = opts.cache !== 'no-store' && + isMethodGetHead && + makePolicy(req, res).storable() && + res.status === 200 // No other statuses should be stored! + + if (isCachable) { + return opts.cacheManager.put(req, res, opts) + } + + if (!isMethodGetHead) { + return opts.cacheManager.delete(req).then(() => { + if (res.status >= 500 && req.method !== 'POST' && !isStream) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + return res + }) + } + } + + const isRetriable = req.method !== 'POST' && + !isStream && ( + res.status === 408 || // Request Timeout + res.status === 420 || // Enhance Your Calm (usually Twitter rate-limit) + res.status === 429 || // Too Many Requests ("standard" rate-limiting) + res.status >= 500 // Assume server errors are momentary hiccups + ) + + if (isRetriable) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + if (!fetch.isRedirect(res.status) || opts.redirect === 'manual') { + return res + } + + // handle redirects - matches behavior of npm-fetch: https://github.com/bitinn/node-fetch + if (opts.redirect === 'error') { + const err = new Error(`redirect mode is set to error: ${uri}`) + err.code = 'ENOREDIRECT' + throw err + } + + if (!res.headers.get('location')) { + const err = new Error(`redirect location header missing at: ${uri}`) + err.code = 'EINVALIDREDIRECT' + throw err + } + + if (req.counter >= req.follow) { + const err = new Error(`maximum redirect reached at: ${uri}`) + err.code = 'EMAXREDIRECT' + throw err + } + + const resolvedUrl = url.resolve(req.url, res.headers.get('location')) + let redirectURL = url.parse(resolvedUrl) + + if (isURL.test(res.headers.get('location'))) { + redirectURL = url.parse(res.headers.get('location')) + } + + // Remove authorization if changing hostnames (but not if just + // changing ports or protocols). This matches the behavior of request: + // https://github.com/request/request/blob/b12a6245/lib/redirect.js#L134-L138 + if (url.parse(req.url).hostname !== redirectURL.hostname) { + req.headers.delete('authorization') + } + + // for POST request with 301/302 response, or any request with 303 response, + // use GET when following redirect + if (res.status === 303 || + ((res.status === 301 || res.status === 302) && req.method === 'POST')) { + opts.method = 'GET' + opts.body = null + req.headers.delete('content-length') + } + + opts.headers = {} + req.headers.forEach((value, name) => { + opts.headers[name] = value + }) + + opts.counter = ++req.counter + return cachingFetch(resolvedUrl, opts) + }) + .catch(err => { + const code = err.code === 'EPROMISERETRY' ? err.retried.code : err.code + + const isRetryError = RETRY_ERRORS.indexOf(code) === -1 && + RETRY_TYPES.indexOf(err.type) === -1 + + if (req.method === 'POST' || isRetryError) { + throw err + } + + if (typeof opts.onRetry === 'function') { + opts.onRetry(err) + } + + return retryHandler(err) + }) + }, + opts.retry + ).catch(err => { + if (err.status >= 400) { + return err + } + + throw err + }) +} + +function isHeaderConditional (headers) { + if (!headers || typeof headers !== 'object') { + return false + } + + const modifiers = [ + 'if-modified-since', + 'if-none-match', + 'if-unmodified-since', + 'if-match', + 'if-range' + ] + + return Object.keys(headers) + .some(h => modifiers.indexOf(h.toLowerCase()) !== -1) +} diff --git a/node_modules/libnpmteam/node_modules/make-fetch-happen/package.json b/node_modules/libnpmteam/node_modules/make-fetch-happen/package.json new file mode 100644 index 0000000000000..8436138d1e087 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/make-fetch-happen/package.json @@ -0,0 +1,94 @@ +{ + "_from": "make-fetch-happen@^4.0.2", + "_id": "make-fetch-happen@4.0.2", + "_inBundle": false, + "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "_location": "/libnpmteam/make-fetch-happen", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "make-fetch-happen@^4.0.2", + "name": "make-fetch-happen", + "escapedName": "make-fetch-happen", + "rawSpec": "^4.0.2", + "saveSpec": null, + "fetchSpec": "^4.0.2" + }, + "_requiredBy": [ + "/libnpmteam/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", + "_spec": "make-fetch-happen@^4.0.2", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmteam/node_modules/npm-registry-fetch", + "author": { + "name": "Kat Marchán", + "email": "kzm@zkat.tech" + }, + "bugs": { + "url": "https://github.com/zkat/make-fetch-happen/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + }, + "deprecated": false, + "description": "Opinionated, caching, retrying fetch client", + "devDependencies": { + "bluebird": "^3.5.1", + "mkdirp": "^0.5.1", + "nock": "^9.2.3", + "npmlog": "^4.1.2", + "require-inject": "^1.4.2", + "rimraf": "^2.6.2", + "safe-buffer": "^5.1.1", + "standard": "^11.0.1", + "standard-version": "^4.3.0", + "tacks": "^1.2.6", + "tap": "^12.7.0", + "weallbehave": "^1.0.0", + "weallcontribute": "^1.0.7" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/zkat/make-fetch-happen#readme", + "keywords": [ + "http", + "request", + "fetch", + "mean girls", + "caching", + "cache", + "subresource integrity" + ], + "license": "ISC", + "main": "index.js", + "name": "make-fetch-happen", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/make-fetch-happen.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap --coverage --nyc-arg=--all --timeout=35 -J test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmteam/node_modules/make-fetch-happen/warning.js b/node_modules/libnpmteam/node_modules/make-fetch-happen/warning.js new file mode 100644 index 0000000000000..b8f13cf83195a --- /dev/null +++ b/node_modules/libnpmteam/node_modules/make-fetch-happen/warning.js @@ -0,0 +1,24 @@ +const url = require('url') + +module.exports = setWarning + +function setWarning (reqOrRes, code, message, replace) { + // Warning = "Warning" ":" 1#warning-value + // warning-value = warn-code SP warn-agent SP warn-text [SP warn-date] + // warn-code = 3DIGIT + // warn-agent = ( host [ ":" port ] ) | pseudonym + // ; the name or pseudonym of the server adding + // ; the Warning header, for use in debugging + // warn-text = quoted-string + // warn-date = <"> HTTP-date <"> + // (https://tools.ietf.org/html/rfc2616#section-14.46) + const host = url.parse(reqOrRes.url).host + const jsonMessage = JSON.stringify(message) + const jsonDate = JSON.stringify(new Date().toUTCString()) + const header = replace ? 'set' : 'append' + + reqOrRes.headers[header]( + 'Warning', + `${code} ${host} ${jsonMessage} ${jsonDate}` + ) +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmteam/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..d24e026914c23 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,214 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmteam/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmteam/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..7fe5dacc94362 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,98 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gid': {}, + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'uid': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..4ba3c19243471 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,193 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout, + uid: opts.uid, + gid: opts.gid + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmteam/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..32d051b741a1c --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^3.8.0", + "_id": "npm-registry-fetch@3.9.1", + "_inBundle": false, + "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_location": "/libnpmteam/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^3.8.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^3.8.0", + "saveSpec": null, + "fetchSpec": "^3.8.0" + }, + "_requiredBy": [ + "/libnpmteam" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", + "_spec": "npm-registry-fetch@^3.8.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/libnpmteam", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^11.3.3", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.9.1" +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/make-fetch-happen/CHANGELOG.md index a446842f55d80..eb28e410f2b70 100644 --- a/node_modules/make-fetch-happen/CHANGELOG.md +++ b/node_modules/make-fetch-happen/CHANGELOG.md @@ -2,6 +2,22 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +# [5.0.0](https://github.com/zkat/make-fetch-happen/compare/v4.0.2...v5.0.0) (2019-07-15) + + +### Features + +* cacache@12, no need for uid/gid opts ([fdb956f](https://github.com/zkat/make-fetch-happen/commit/fdb956f)) + + +### BREAKING CHANGES + +* cache uid and gid are inferred from the cache folder itself, +not passed in as options. + + + ## [4.0.2](https://github.com/zkat/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) diff --git a/node_modules/make-fetch-happen/cache.js b/node_modules/make-fetch-happen/cache.js index 0c519e69fbe81..f842ba19da2e1 100644 --- a/node_modules/make-fetch-happen/cache.js +++ b/node_modules/make-fetch-happen/cache.js @@ -31,8 +31,6 @@ function cacheKey (req) { module.exports = class Cache { constructor (path, opts) { this._path = path - this._uid = opts && opts.uid - this._gid = opts && opts.gid this.Promise = (opts && opts.Promise) || Promise } @@ -118,8 +116,6 @@ module.exports = class Cache { reqHeaders: req.headers.raw(), resHeaders: response.headers.raw() }, - uid: this._uid, - gid: this._gid, size, memoize: fitInMemory && opts.memoize } diff --git a/node_modules/make-fetch-happen/node_modules/cacache/CHANGELOG.md b/node_modules/make-fetch-happen/node_modules/cacache/CHANGELOG.md new file mode 100644 index 0000000000000..b444fa022667a --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/CHANGELOG.md @@ -0,0 +1,637 @@ +# Changelog + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +## [12.0.0](https://github.com/zkat/cacache/compare/v11.3.3...v12.0.0) (2019-07-15) + + +### Features + +* infer uid/gid instead of accepting as options ([ac84d14](https://github.com/zkat/cacache/commit/ac84d14)) +* **i18n:** add another error message ([676cb32](https://github.com/zkat/cacache/commit/676cb32)) + + +### BREAKING CHANGES + +* the uid gid options are no longer respected or +necessary. As of this change, cacache will always match the cache +contents to the ownership of the cache directory (or its parent +directory), regardless of what the caller passes in. + +Reasoning: + +The number one reason to use a uid or gid option was to keep root-owned +files from causing problems in the cache. In npm's case, this meant +that CLI's ./lib/command.js had to work out the appropriate uid and gid, +then pass it to the libnpmcommand module, which had to in turn pass the +uid and gid to npm-registry-fetch, which then passed it to +make-fetch-happen, which passed it to cacache. (For package fetching, +pacote would be in that mix as well.) + +Added to that, `cacache.rm()` will actually _write_ a file into the +cache index, but has no way to accept an option so that its call to +entry-index.js will write the index with the appropriate uid/gid. +Little ownership bugs were all over the place, and tricky to trace +through. (Why should make-fetch-happen even care about accepting or +passing uids and gids? It's an http library.) + +This change allows us to keep the cache from having mixed ownership in +any situation. + +Of course, this _does_ mean that if you have a root-owned but +user-writable folder (for example, `/tmp`), then the cache will try to +chown everything to root. + +The solution is for the user to create a folder, make it user-owned, and +use that, rather than relying on cacache to create the root cache folder. + +If we decide to restore the uid/gid opts, and use ownership inferrence +only when uid/gid are unset, then take care to also make rm take an +option object, and pass it through to entry-index.js. + + + +### [11.3.3](https://github.com/zkat/cacache/compare/v11.3.2...v11.3.3) (2019-06-17) + + +### Bug Fixes + +* **audit:** npm audit fix ([200a6d5](https://github.com/zkat/cacache/commit/200a6d5)) +* **config:** Add ssri config 'error' option ([#146](https://github.com/zkat/cacache/issues/146)) ([47de8f5](https://github.com/zkat/cacache/commit/47de8f5)) +* **deps:** npm audit fix ([481a7dc](https://github.com/zkat/cacache/commit/481a7dc)) +* **standard:** standard --fix ([7799149](https://github.com/zkat/cacache/commit/7799149)) +* **write:** avoid another cb never called situation ([5156561](https://github.com/zkat/cacache/commit/5156561)) + + + + +## [11.3.2](https://github.com/zkat/cacache/compare/v11.3.1...v11.3.2) (2018-12-21) + + +### Bug Fixes + +* **get:** make sure to handle errors in the .then ([b10bcd0](https://github.com/zkat/cacache/commit/b10bcd0)) + + + + +## [11.3.1](https://github.com/zkat/cacache/compare/v11.3.0...v11.3.1) (2018-11-05) + + +### Bug Fixes + +* **get:** export hasContent.sync properly ([d76c920](https://github.com/zkat/cacache/commit/d76c920)) + + + + +# [11.3.0](https://github.com/zkat/cacache/compare/v11.2.0...v11.3.0) (2018-11-05) + + +### Features + +* **get:** add sync API for reading ([db1e094](https://github.com/zkat/cacache/commit/db1e094)) + + + + +# [11.2.0](https://github.com/zkat/cacache/compare/v11.1.0...v11.2.0) (2018-08-08) + + +### Features + +* **read:** add sync support to other internal read.js fns ([fe638b6](https://github.com/zkat/cacache/commit/fe638b6)) + + + + +# [11.1.0](https://github.com/zkat/cacache/compare/v11.0.3...v11.1.0) (2018-08-01) + + +### Features + +* **read:** add sync support for low-level content read ([b43af83](https://github.com/zkat/cacache/commit/b43af83)) + + + + +## [11.0.3](https://github.com/zkat/cacache/compare/v11.0.2...v11.0.3) (2018-08-01) + + +### Bug Fixes + +* **config:** add ssri config options ([#136](https://github.com/zkat/cacache/issues/136)) ([10d5d9a](https://github.com/zkat/cacache/commit/10d5d9a)) +* **perf:** refactor content.read to avoid lstats ([c5ac10e](https://github.com/zkat/cacache/commit/c5ac10e)) +* **test:** oops when removing safe-buffer ([1950490](https://github.com/zkat/cacache/commit/1950490)) + + + + +## [11.0.2](https://github.com/zkat/cacache/compare/v11.0.1...v11.0.2) (2018-05-07) + + +### Bug Fixes + +* **verify:** size param no longer lost in a verify ([#131](https://github.com/zkat/cacache/issues/131)) ([c614a19](https://github.com/zkat/cacache/commit/c614a19)), closes [#130](https://github.com/zkat/cacache/issues/130) + + + + +## [11.0.1](https://github.com/zkat/cacache/compare/v11.0.0...v11.0.1) (2018-04-10) + + + + +# [11.0.0](https://github.com/zkat/cacache/compare/v10.0.4...v11.0.0) (2018-04-09) + + +### Features + +* **opts:** use figgy-pudding for opts ([#128](https://github.com/zkat/cacache/issues/128)) ([33d4eed](https://github.com/zkat/cacache/commit/33d4eed)) + + +### meta + +* drop support for node@4 ([529f347](https://github.com/zkat/cacache/commit/529f347)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [10.0.4](https://github.com/zkat/cacache/compare/v10.0.3...v10.0.4) (2018-02-16) + + + + +## [10.0.3](https://github.com/zkat/cacache/compare/v10.0.2...v10.0.3) (2018-02-16) + + +### Bug Fixes + +* **content:** rethrow aggregate errors as ENOENT ([fa918f5](https://github.com/zkat/cacache/commit/fa918f5)) + + + + +## [10.0.2](https://github.com/zkat/cacache/compare/v10.0.1...v10.0.2) (2018-01-07) + + +### Bug Fixes + +* **ls:** deleted entries could cause a premature stream EOF ([347dc36](https://github.com/zkat/cacache/commit/347dc36)) + + + + +## [10.0.1](https://github.com/zkat/cacache/compare/v10.0.0...v10.0.1) (2017-11-15) + + +### Bug Fixes + +* **move-file:** actually use the fallback to `move-concurrently` (#110) ([073fbe1](https://github.com/zkat/cacache/commit/073fbe1)) + + + + +# [10.0.0](https://github.com/zkat/cacache/compare/v9.3.0...v10.0.0) (2017-10-23) + + +### Features + +* **license:** relicense to ISC (#111) ([fdbb4e5](https://github.com/zkat/cacache/commit/fdbb4e5)) + + +### Performance Improvements + +* more copyFile benchmarks ([63787bb](https://github.com/zkat/cacache/commit/63787bb)) + + +### BREAKING CHANGES + +* **license:** the license has been changed from CC0-1.0 to ISC. + + + + +# [9.3.0](https://github.com/zkat/cacache/compare/v9.2.9...v9.3.0) (2017-10-07) + + +### Features + +* **copy:** added cacache.get.copy api for fast copies (#107) ([067b5f6](https://github.com/zkat/cacache/commit/067b5f6)) + + + + +## [9.2.9](https://github.com/zkat/cacache/compare/v9.2.8...v9.2.9) (2017-06-17) + + + + +## [9.2.8](https://github.com/zkat/cacache/compare/v9.2.7...v9.2.8) (2017-06-05) + + +### Bug Fixes + +* **ssri:** bump ssri for bugfix ([c3232ea](https://github.com/zkat/cacache/commit/c3232ea)) + + + + +## [9.2.7](https://github.com/zkat/cacache/compare/v9.2.6...v9.2.7) (2017-06-05) + + +### Bug Fixes + +* **content:** make verified content completely read-only (#96) ([4131196](https://github.com/zkat/cacache/commit/4131196)) + + + + +## [9.2.6](https://github.com/zkat/cacache/compare/v9.2.5...v9.2.6) (2017-05-31) + + +### Bug Fixes + +* **node:** update ssri to prevent old node 4 crash ([5209ffe](https://github.com/zkat/cacache/commit/5209ffe)) + + + + +## [9.2.5](https://github.com/zkat/cacache/compare/v9.2.4...v9.2.5) (2017-05-25) + + +### Bug Fixes + +* **deps:** fix lockfile issues and bump ssri ([84e1d7e](https://github.com/zkat/cacache/commit/84e1d7e)) + + + + +## [9.2.4](https://github.com/zkat/cacache/compare/v9.2.3...v9.2.4) (2017-05-24) + + +### Bug Fixes + +* **deps:** bumping deps ([bbccb12](https://github.com/zkat/cacache/commit/bbccb12)) + + + + +## [9.2.3](https://github.com/zkat/cacache/compare/v9.2.2...v9.2.3) (2017-05-24) + + +### Bug Fixes + +* **rm:** stop crashing if content is missing on rm ([ac90bc0](https://github.com/zkat/cacache/commit/ac90bc0)) + + + + +## [9.2.2](https://github.com/zkat/cacache/compare/v9.2.1...v9.2.2) (2017-05-14) + + +### Bug Fixes + +* **i18n:** lets pretend this didn't happen ([519b4ee](https://github.com/zkat/cacache/commit/519b4ee)) + + + + +## [9.2.1](https://github.com/zkat/cacache/compare/v9.2.0...v9.2.1) (2017-05-14) + + +### Bug Fixes + +* **docs:** fixing translation messup ([bb9e4f9](https://github.com/zkat/cacache/commit/bb9e4f9)) + + + + +# [9.2.0](https://github.com/zkat/cacache/compare/v9.1.0...v9.2.0) (2017-05-14) + + +### Features + +* **i18n:** add Spanish translation for API ([531f9a4](https://github.com/zkat/cacache/commit/531f9a4)) + + + + +# [9.1.0](https://github.com/zkat/cacache/compare/v9.0.0...v9.1.0) (2017-05-14) + + +### Features + +* **i18n:** Add Spanish translation and i18n setup (#91) ([323b90c](https://github.com/zkat/cacache/commit/323b90c)) + + + + +# [9.0.0](https://github.com/zkat/cacache/compare/v8.0.0...v9.0.0) (2017-04-28) + + +### Bug Fixes + +* **memoization:** actually use the LRU ([0e55dc9](https://github.com/zkat/cacache/commit/0e55dc9)) + + +### Features + +* **memoization:** memoizers can be injected through opts.memoize (#90) ([e5614c7](https://github.com/zkat/cacache/commit/e5614c7)) + + +### BREAKING CHANGES + +* **memoization:** If you were passing an object to opts.memoize, it will now be used as an injected memoization object. If you were only passing booleans and other non-objects through that option, no changes are needed. + + + + +# [8.0.0](https://github.com/zkat/cacache/compare/v7.1.0...v8.0.0) (2017-04-22) + + +### Features + +* **read:** change hasContent to return {sri, size} (#88) ([bad6c49](https://github.com/zkat/cacache/commit/bad6c49)), closes [#87](https://github.com/zkat/cacache/issues/87) + + +### BREAKING CHANGES + +* **read:** hasContent now returns an object with `{sri, size}` instead of `sri`. Use `result.sri` anywhere that needed the old return value. + + + + +# [7.1.0](https://github.com/zkat/cacache/compare/v7.0.5...v7.1.0) (2017-04-20) + + +### Features + +* **size:** handle content size info (#49) ([91230af](https://github.com/zkat/cacache/commit/91230af)) + + + + +## [7.0.5](https://github.com/zkat/cacache/compare/v7.0.4...v7.0.5) (2017-04-18) + + +### Bug Fixes + +* **integrity:** new ssri with fixed integrity stream ([6d13e8e](https://github.com/zkat/cacache/commit/6d13e8e)) +* **write:** wrap stuff in promises to improve errors ([3624fc5](https://github.com/zkat/cacache/commit/3624fc5)) + + + + +## [7.0.4](https://github.com/zkat/cacache/compare/v7.0.3...v7.0.4) (2017-04-15) + + +### Bug Fixes + +* **fix-owner:** throw away ENOENTs on chownr ([d49bbcd](https://github.com/zkat/cacache/commit/d49bbcd)) + + + + +## [7.0.3](https://github.com/zkat/cacache/compare/v7.0.2...v7.0.3) (2017-04-05) + + +### Bug Fixes + +* **read:** fixing error message for integrity verification failures ([9d4f0a5](https://github.com/zkat/cacache/commit/9d4f0a5)) + + + + +## [7.0.2](https://github.com/zkat/cacache/compare/v7.0.1...v7.0.2) (2017-04-03) + + +### Bug Fixes + +* **integrity:** use EINTEGRITY error code and update ssri ([8dc2e62](https://github.com/zkat/cacache/commit/8dc2e62)) + + + + +## [7.0.1](https://github.com/zkat/cacache/compare/v7.0.0...v7.0.1) (2017-04-03) + + +### Bug Fixes + +* **docs:** fix header name conflict in readme ([afcd456](https://github.com/zkat/cacache/commit/afcd456)) + + + + +# [7.0.0](https://github.com/zkat/cacache/compare/v6.3.0...v7.0.0) (2017-04-03) + + +### Bug Fixes + +* **test:** fix content.write tests when running in docker ([d2e9b6a](https://github.com/zkat/cacache/commit/d2e9b6a)) + + +### Features + +* **integrity:** subresource integrity support (#78) ([b1e731f](https://github.com/zkat/cacache/commit/b1e731f)) + + +### BREAKING CHANGES + +* **integrity:** The entire API has been overhauled to use SRI hashes instead of digest/hashAlgorithm pairs. SRI hashes follow the Subresource Integrity standard and support strings and objects compatible with [`ssri`](https://npm.im/ssri). + +* This change bumps the index version, which will invalidate all previous index entries. Content entries will remain intact, and existing caches will automatically reuse any content from before this breaking change. + +* `cacache.get.info()`, `cacache.ls()`, and `cacache.ls.stream()` will now return objects that looks like this: + +``` +{ + key: String, + integrity: '-', + path: ContentPath, + time: Date, + metadata: Any +} +``` + +* `opts.digest` and `opts.hashAlgorithm` are obsolete for any API calls that used them. + +* Anywhere `opts.digest` was accepted, `opts.integrity` is now an option. Any valid SRI hash is accepted here -- multiple hash entries will be resolved according to the standard: first, the "strongest" hash algorithm will be picked, and then each of the entries for that algorithm will be matched against the content. Content will be validated if *any* of the entries match (so, a single integrity string can be used for multiple "versions" of the same document/data). + +* `put.byDigest()`, `put.stream.byDigest`, `get.byDigest()` and `get.stream.byDigest()` now expect an SRI instead of a `digest` + `opts.hashAlgorithm` pairing. + +* `get.hasContent()` now expects an integrity hash instead of a digest. If content exists, it will return the specific single integrity hash that was found in the cache. + +* `verify()` has learned to handle integrity-based caches, and forgotten how to handle old-style cache indices due to the format change. + +* `cacache.rm.content()` now expects an integrity hash instead of a hex digest. + + + + +# [6.3.0](https://github.com/zkat/cacache/compare/v6.2.0...v6.3.0) (2017-04-01) + + +### Bug Fixes + +* **fixOwner:** ignore EEXIST race condition from mkdirp ([4670e9b](https://github.com/zkat/cacache/commit/4670e9b)) +* **index:** ignore index removal races when inserting ([b9d2fa2](https://github.com/zkat/cacache/commit/b9d2fa2)) +* **memo:** use lru-cache for better mem management (#75) ([d8ac5aa](https://github.com/zkat/cacache/commit/d8ac5aa)) + + +### Features + +* **dependencies:** Switch to move-concurrently (#77) ([dc6482d](https://github.com/zkat/cacache/commit/dc6482d)) + + + + +# [6.2.0](https://github.com/zkat/cacache/compare/v6.1.2...v6.2.0) (2017-03-15) + + +### Bug Fixes + +* **index:** additional bucket entry verification with checksum (#72) ([f8e0f25](https://github.com/zkat/cacache/commit/f8e0f25)) +* **verify:** return fixOwner.chownr promise ([6818521](https://github.com/zkat/cacache/commit/6818521)) + + +### Features + +* **tmp:** safe tmp dir creation/management util (#73) ([c42da71](https://github.com/zkat/cacache/commit/c42da71)) + + + + +## [6.1.2](https://github.com/zkat/cacache/compare/v6.1.1...v6.1.2) (2017-03-13) + + +### Bug Fixes + +* **index:** set default hashAlgorithm ([d6eb2f0](https://github.com/zkat/cacache/commit/d6eb2f0)) + + + + +## [6.1.1](https://github.com/zkat/cacache/compare/v6.1.0...v6.1.1) (2017-03-13) + + +### Bug Fixes + +* **coverage:** bumping coverage for verify (#71) ([0b7faf6](https://github.com/zkat/cacache/commit/0b7faf6)) +* **deps:** glob should have been a regular dep :< ([0640bc4](https://github.com/zkat/cacache/commit/0640bc4)) + + + + +# [6.1.0](https://github.com/zkat/cacache/compare/v6.0.2...v6.1.0) (2017-03-12) + + +### Bug Fixes + +* **coverage:** more coverage for content reads (#70) ([ef4f70a](https://github.com/zkat/cacache/commit/ef4f70a)) +* **tests:** use safe-buffer because omfg (#69) ([6ab8132](https://github.com/zkat/cacache/commit/6ab8132)) + + +### Features + +* **rm:** limited rm.all and fixed bugs (#66) ([d5d25ba](https://github.com/zkat/cacache/commit/d5d25ba)), closes [#66](https://github.com/zkat/cacache/issues/66) +* **verify:** tested, working cache verifier/gc (#68) ([45ad77a](https://github.com/zkat/cacache/commit/45ad77a)) + + + + +## [6.0.2](https://github.com/zkat/cacache/compare/v6.0.1...v6.0.2) (2017-03-11) + + +### Bug Fixes + +* **index:** segment cache items with another subbucket (#64) ([c3644e5](https://github.com/zkat/cacache/commit/c3644e5)) + + + + +## [6.0.1](https://github.com/zkat/cacache/compare/v6.0.0...v6.0.1) (2017-03-05) + + +### Bug Fixes + +* **docs:** Missed spots in README ([8ffb7fa](https://github.com/zkat/cacache/commit/8ffb7fa)) + + + + +# [6.0.0](https://github.com/zkat/cacache/compare/v5.0.3...v6.0.0) (2017-03-05) + + +### Bug Fixes + +* **api:** keep memo cache mostly-internal ([2f72d0a](https://github.com/zkat/cacache/commit/2f72d0a)) +* **content:** use the rest of the string, not the whole string ([fa8f3c3](https://github.com/zkat/cacache/commit/fa8f3c3)) +* **deps:** removed `format-number[@2](https://github.com/2).0.2` ([1187791](https://github.com/zkat/cacache/commit/1187791)) +* **deps:** removed inflight[@1](https://github.com/1).0.6 ([0d1819c](https://github.com/zkat/cacache/commit/0d1819c)) +* **deps:** rimraf[@2](https://github.com/2).6.1 ([9efab6b](https://github.com/zkat/cacache/commit/9efab6b)) +* **deps:** standard[@9](https://github.com/9).0.0 ([4202cba](https://github.com/zkat/cacache/commit/4202cba)) +* **deps:** tap[@10](https://github.com/10).3.0 ([aa03088](https://github.com/zkat/cacache/commit/aa03088)) +* **deps:** weallcontribute[@1](https://github.com/1).0.8 ([ad4f4dc](https://github.com/zkat/cacache/commit/ad4f4dc)) +* **docs:** add security note to hashKey ([03f81ba](https://github.com/zkat/cacache/commit/03f81ba)) +* **hashes:** change default hashAlgorithm to sha512 ([ea00ba6](https://github.com/zkat/cacache/commit/ea00ba6)) +* **hashes:** missed a spot for hashAlgorithm defaults ([45997d8](https://github.com/zkat/cacache/commit/45997d8)) +* **index:** add length header before JSON for verification ([fb8cb4d](https://github.com/zkat/cacache/commit/fb8cb4d)) +* **index:** change index filenames to sha1s of keys ([bbc5fca](https://github.com/zkat/cacache/commit/bbc5fca)) +* **index:** who cares about race conditions anyway ([b1d3888](https://github.com/zkat/cacache/commit/b1d3888)) +* **perf:** bulk-read get+read for massive speed ([d26cdf9](https://github.com/zkat/cacache/commit/d26cdf9)) +* **perf:** use bulk file reads for index reads ([79a8891](https://github.com/zkat/cacache/commit/79a8891)) +* **put-stream:** remove tmp file on stream insert error ([65f6632](https://github.com/zkat/cacache/commit/65f6632)) +* **put-stream:** robustified and predictibilized ([daf9e08](https://github.com/zkat/cacache/commit/daf9e08)) +* **put-stream:** use new promise API for moves ([1d36013](https://github.com/zkat/cacache/commit/1d36013)) +* **readme:** updated to reflect new default hashAlgo ([c60a2fa](https://github.com/zkat/cacache/commit/c60a2fa)) +* **verify:** tiny typo fix ([db22d05](https://github.com/zkat/cacache/commit/db22d05)) + + +### Features + +* **api:** converted external api ([7bf032f](https://github.com/zkat/cacache/commit/7bf032f)) +* **cacache:** exported clearMemoized() utility ([8d2c5b6](https://github.com/zkat/cacache/commit/8d2c5b6)) +* **cache:** add versioning to content and index ([31bc549](https://github.com/zkat/cacache/commit/31bc549)) +* **content:** collate content files into subdirs ([c094d9f](https://github.com/zkat/cacache/commit/c094d9f)) +* **deps:** [@npmcorp](https://github.com/npmcorp)/move[@1](https://github.com/1).0.0 ([bdd00bf](https://github.com/zkat/cacache/commit/bdd00bf)) +* **deps:** bluebird[@3](https://github.com/3).4.7 ([3a17aff](https://github.com/zkat/cacache/commit/3a17aff)) +* **deps:** promise-inflight[@1](https://github.com/1).0.1 ([a004fe6](https://github.com/zkat/cacache/commit/a004fe6)) +* **get:** added memoization support for get ([c77d794](https://github.com/zkat/cacache/commit/c77d794)) +* **get:** export hasContent ([2956ec3](https://github.com/zkat/cacache/commit/2956ec3)) +* **index:** add hashAlgorithm and format insert ret val ([b639746](https://github.com/zkat/cacache/commit/b639746)) +* **index:** collate index files into subdirs ([e8402a5](https://github.com/zkat/cacache/commit/e8402a5)) +* **index:** promisify entry index ([cda3335](https://github.com/zkat/cacache/commit/cda3335)) +* **memo:** added memoization lib ([da07b92](https://github.com/zkat/cacache/commit/da07b92)) +* **memo:** export memoization api ([954b1b3](https://github.com/zkat/cacache/commit/954b1b3)) +* **move-file:** add move fallback for weird errors ([5cf4616](https://github.com/zkat/cacache/commit/5cf4616)) +* **perf:** bulk content write api ([51b536e](https://github.com/zkat/cacache/commit/51b536e)) +* **put:** added memoization support to put ([b613a70](https://github.com/zkat/cacache/commit/b613a70)) +* **read:** switched to promises ([a869362](https://github.com/zkat/cacache/commit/a869362)) +* **rm:** added memoization support to rm ([4205cf0](https://github.com/zkat/cacache/commit/4205cf0)) +* **rm:** switched to promises ([a000d24](https://github.com/zkat/cacache/commit/a000d24)) +* **util:** promise-inflight ownership fix requests ([9517cd7](https://github.com/zkat/cacache/commit/9517cd7)) +* **util:** use promises for api ([ae204bb](https://github.com/zkat/cacache/commit/ae204bb)) +* **verify:** converted to Promises ([f0b3974](https://github.com/zkat/cacache/commit/f0b3974)) + + +### BREAKING CHANGES + +* cache: index/content directories are now versioned. Previous caches are no longer compatible and cannot be migrated. +* util: fix-owner now uses Promises instead of callbacks +* index: Previously-generated index entries are no longer compatible and the index must be regenerated. +* index: The index format has changed and previous caches are no longer compatible. Existing caches will need to be regenerated. +* hashes: Default hashAlgorithm changed from sha1 to sha512. If you +rely on the prior setting, pass `opts.hashAlgorithm` in explicitly. +* content: Previously-generated content directories are no longer compatible +and must be regenerated. +* verify: API is now promise-based +* read: Switches to a Promise-based API and removes callback stuff +* rm: Switches to a Promise-based API and removes callback stuff +* index: this changes the API to work off promises instead of callbacks +* api: this means we are going all in on promises now diff --git a/node_modules/make-fetch-happen/node_modules/cacache/LICENSE.md b/node_modules/make-fetch-happen/node_modules/cacache/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/make-fetch-happen/node_modules/cacache/README.es.md b/node_modules/make-fetch-happen/node_modules/cacache/README.es.md new file mode 100644 index 0000000000000..55007e20dd4f1 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/README.es.md @@ -0,0 +1,628 @@ +# cacache [![npm version](https://img.shields.io/npm/v/cacache.svg)](https://npm.im/cacache) [![license](https://img.shields.io/npm/l/cacache.svg)](https://npm.im/cacache) [![Travis](https://img.shields.io/travis/zkat/cacache.svg)](https://travis-ci.org/zkat/cacache) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/cacache?svg=true)](https://ci.appveyor.com/project/zkat/cacache) [![Coverage Status](https://coveralls.io/repos/github/zkat/cacache/badge.svg?branch=latest)](https://coveralls.io/github/zkat/cacache?branch=latest) + +[`cacache`](https://github.com/zkat/cacache) es una librería de Node.js para +manejar caches locales en disco, con acceso tanto con claves únicas como +direcciones de contenido (hashes/hacheos). Es súper rápida, excelente con el +acceso concurrente, y jamás te dará datos incorrectos, aún si se corrompen o +manipulan directamente los ficheros del cache. + +El propósito original era reemplazar el caché local de +[npm](https://npm.im/npm), pero se puede usar por su propia cuenta. + +_Traducciones: [English](README.md)_ + +## Instalación + +`$ npm install --save cacache` + +## Índice + +* [Ejemplo](#ejemplo) +* [Características](#características) +* [Cómo Contribuir](#cómo-contribuir) +* [API](#api) + * [Usando el API en español](#localized-api) + * Leer + * [`ls`](#ls) + * [`ls.flujo`](#ls-stream) + * [`saca`](#get-data) + * [`saca.flujo`](#get-stream) + * [`saca.info`](#get-info) + * [`saca.tieneDatos`](#get-hasContent) + * Escribir + * [`mete`](#put-data) + * [`mete.flujo`](#put-stream) + * [opciones para `mete*`](#put-options) + * [`rm.todo`](#rm-all) + * [`rm.entrada`](#rm-entry) + * [`rm.datos`](#rm-content) + * Utilidades + * [`ponLenguaje`](#set-locale) + * [`limpiaMemoizado`](#clear-memoized) + * [`tmp.hazdir`](#tmp-mkdir) + * [`tmp.conTmp`](#with-tmp) + * Integridad + * [Subresource Integrity](#integrity) + * [`verifica`](#verify) + * [`verifica.ultimaVez`](#verify-last-run) + +### Ejemplo + +```javascript +const cacache = require('cacache/es') +const fs = require('fs') + +const tarbol = '/ruta/a/mi-tar.tgz' +const rutaCache = '/tmp/my-toy-cache' +const clave = 'mi-clave-única-1234' + +// ¡Añádelo al caché! Usa `rutaCache` como raíz del caché. +cacache.mete(rutaCache, clave, '10293801983029384').then(integrity => { + console.log(`Saved content to ${rutaCache}.`) +}) + +const destino = '/tmp/mytar.tgz' + +// Copia el contenido del caché a otro fichero, pero esta vez con flujos. +cacache.saca.flujo( + rutaCache, clave +).pipe( + fs.createWriteStream(destino) +).on('finish', () => { + console.log('extracción completada') +}) + +// La misma cosa, pero accesando el contenido directamente, sin tocar el índice. +cacache.saca.porHacheo(rutaCache, integridad).then(datos => { + fs.writeFile(destino, datos, err => { + console.log('datos del tarbol sacados basado en su sha512, y escrito a otro fichero') + }) +}) +``` + +### Características + +* Extracción por clave o por dirección de contenido (shasum, etc) +* Usa el estándard de web, [Subresource Integrity](#integrity) +* Compatible con multiples algoritmos - usa sha1, sha512, etc, en el mismo caché sin problema +* Entradas con contenido idéntico comparten ficheros +* Tolerancia de fallas (inmune a corrupción, ficheros parciales, carreras de proceso, etc) +* Verificación completa de datos cuando (escribiendo y leyendo) +* Concurrencia rápida, segura y "lockless" +* Compatible con `stream`s (flujos) +* Compatible con `Promise`s (promesas) +* Bastante rápida -- acceso, incluyendo verificación, en microsegundos +* Almacenaje de metadatos arbitrarios +* Colección de basura y verificación adicional fuera de banda +* Cobertura rigurosa de pruebas +* Probablente hay un "Bloom filter" por ahí en algún lado. Eso le mola a la gente, ¿Verdad? 🤔 + +### Cómo Contribuir + +El equipo de cacache felizmente acepta contribuciones de código y otras maneras de participación. ¡Hay muchas formas diferentes de contribuir! La [Guía de Colaboradores](CONTRIBUTING.md) (en inglés) tiene toda la información que necesitas para cualquier tipo de contribución: todo desde cómo reportar errores hasta cómo someter parches con nuevas características. Con todo y eso, no se preocupe por si lo que haces está exáctamente correcto: no hay ningún problema en hacer preguntas si algo no está claro, o no lo encuentras. + +El equipo de cacache tiene miembros hispanohablantes: es completamente aceptable crear `issues` y `pull requests` en español/castellano. + +Todos los participantes en este proyecto deben obedecer el [Código de Conducta](CODE_OF_CONDUCT.md) (en inglés), y en general actuar de forma amable y respetuosa mientras participan en esta comunidad. + +Por favor refiérase al [Historial de Cambios](CHANGELOG.md) (en inglés) para detalles sobre cambios importantes incluídos en cada versión. + +Finalmente, cacache tiene un sistema de localización de lenguaje. Si te interesa añadir lenguajes o mejorar los que existen, mira en el directorio `./locales` para comenzar. + +Happy hacking! + +### API + +#### Usando el API en español + +cacache incluye una traducción completa de su API al castellano, con las mismas +características. Para usar el API como está documentado en este documento, usa +`require('cacache/es')` + +cacache también tiene otros lenguajes: encuéntralos bajo `./locales`, y podrás +usar el API en ese lenguaje con `require('cacache/')` + +#### `> cacache.ls(cache) -> Promise` + +Enumera todas las entradas en el caché, dentro de un solo objeto. Cada entrada +en el objeto tendrá como clave la clave única usada para el índice, el valor +siendo un objeto de [`saca.info`](#get-info). + +##### Ejemplo + +```javascript +cacache.ls(rutaCache).then(console.log) +// Salida +{ + 'my-thing': { + key: 'my-thing', + integrity: 'sha512-BaSe64/EnCoDED+HAsh==' + path: '.testcache/content/deadbeef', // unido con `rutaCache` + time: 12345698490, + size: 4023948, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } + }, + 'other-thing': { + key: 'other-thing', + integrity: 'sha1-ANothER+hasH=', + path: '.testcache/content/bada55', + time: 11992309289, + size: 111112 + } +} +``` + +#### `> cacache.ls.flujo(cache) -> Readable` + +Enumera todas las entradas en el caché, emitiendo un objeto de +[`saca.info`](#get-info) por cada evento de `data` en el flujo. + +##### Ejemplo + +```javascript +cacache.ls.flujo(rutaCache).on('data', console.log) +// Salida +{ + key: 'my-thing', + integrity: 'sha512-BaSe64HaSh', + path: '.testcache/content/deadbeef', // unido con `rutaCache` + time: 12345698490, + size: 13423, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} + +{ + key: 'other-thing', + integrity: 'whirlpool-WoWSoMuchSupport', + path: '.testcache/content/bada55', + time: 11992309289, + size: 498023984029 +} + +{ + ... +} +``` + +#### `> cacache.saca(cache, clave, [ops]) -> Promise({data, metadata, integrity})` + +Devuelve un objeto con los datos, hacheo de integridad y metadatos identificados +por la `clave`. La propiedad `data` de este objeto será una instancia de +`Buffer` con los datos almacenados en el caché. to do with it! cacache just +won't care. + +`integrity` es un `string` de [Subresource Integrity](#integrity). Dígase, un +`string` que puede ser usado para verificar a la `data`, que tiene como formato +`-`. + +So no existe ninguna entrada identificada por `clave`, o se los datos +almacenados localmente fallan verificación, el `Promise` fallará. + +Una sub-función, `saca.porHacheo`, tiene casi el mismo comportamiento, excepto +que busca entradas usando el hacheo de integridad, sin tocar el índice general. +Esta versión *sólo* devuelve `data`, sin ningún objeto conteniéndola. + +##### Nota + +Esta función lee la entrada completa a la memoria antes de devolverla. Si estás +almacenando datos Muy Grandes, es posible que [`saca.flujo`](#get-stream) sea +una mejor solución. + +##### Ejemplo + +```javascript +// Busca por clave +cache.saca(rutaCache, 'my-thing').then(console.log) +// Salida: +{ + metadata: { + thingName: 'my' + }, + integrity: 'sha512-BaSe64HaSh', + data: Buffer#, + size: 9320 +} + +// Busca por hacheo +cache.saca.porHacheo(rutaCache, 'sha512-BaSe64HaSh').then(console.log) +// Salida: +Buffer# +``` + +#### `> cacache.saca.flujo(cache, clave, [ops]) -> Readable` + +Devuelve un [Readable +Stream](https://nodejs.org/api/stream.html#stream_readable_streams) de los datos +almacenados bajo `clave`. + +So no existe ninguna entrada identificada por `clave`, o se los datos +almacenados localmente fallan verificación, el `Promise` fallará. + +`metadata` y `integrity` serán emitidos como eventos antes de que el flujo +cierre. + +Una sub-función, `saca.flujo.porHacheo`, tiene casi el mismo comportamiento, +excepto que busca entradas usando el hacheo de integridad, sin tocar el índice +general. Esta versión no emite eventos de `metadata` o `integrity`. + +##### Ejemplo + +```javascript +// Busca por clave +cache.saca.flujo( + rutaCache, 'my-thing' +).on('metadata', metadata => { + console.log('metadata:', metadata) +}).on('integrity', integrity => { + console.log('integrity:', integrity) +}).pipe( + fs.createWriteStream('./x.tgz') +) +// Salidas: +metadata: { ... } +integrity: 'sha512-SoMeDIGest+64==' + +// Busca por hacheo +cache.saca.flujo.porHacheo( + rutaCache, 'sha512-SoMeDIGest+64==' +).pipe( + fs.createWriteStream('./x.tgz') +) +``` + +#### `> cacache.saca.info(cache, clave) -> Promise` + +Busca la `clave` en el índice del caché, devolviendo información sobre la +entrada si existe. + +##### Campos + +* `key` - Clave de la entrada. Igual al argumento `clave`. +* `integrity` - [hacheo de Subresource Integrity](#integrity) del contenido al que se refiere esta entrada. +* `path` - Dirección del fichero de datos almacenados, unida al argumento `cache`. +* `time` - Hora de creación de la entrada +* `metadata` - Metadatos asignados a esta entrada por el usuario + +##### Ejemplo + +```javascript +cacache.saca.info(rutaCache, 'my-thing').then(console.log) + +// Salida +{ + key: 'my-thing', + integrity: 'sha256-MUSTVERIFY+ALL/THINGS==' + path: '.testcache/content/deadbeef', + time: 12345698490, + size: 849234, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} +``` + +#### `> cacache.saca.tieneDatos(cache, integrity) -> Promise` + +Busca un [hacheo Subresource Integrity](#integrity) en el caché. Si existe el +contenido asociado con `integrity`, devuelve un objeto con dos campos: el hacheo +_específico_ que se usó para la búsqueda, `sri`, y el tamaño total del +contenido, `size`. Si no existe ningún contenido asociado con `integrity`, +devuelve `false`. + +##### Ejemplo + +```javascript +cacache.saca.tieneDatos(rutaCache, 'sha256-MUSTVERIFY+ALL/THINGS==').then(console.log) + +// Salida +{ + sri: { + source: 'sha256-MUSTVERIFY+ALL/THINGS==', + algorithm: 'sha256', + digest: 'MUSTVERIFY+ALL/THINGS==', + options: [] + }, + size: 9001 +} + +cacache.saca.tieneDatos(rutaCache, 'sha521-NOT+IN/CACHE==').then(console.log) + +// Salida +false +``` + +#### `> cacache.mete(cache, clave, datos, [ops]) -> Promise` + +Inserta `datos` en el caché. El `Promise` devuelto se resuelve con un hacheo +(generado conforme a [`ops.algorithms`](#optsalgorithms)) después que la entrada +haya sido escrita en completo. + +##### Ejemplo + +```javascript +fetch( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).then(datos => { + return cacache.mete(rutaCache, 'registry.npmjs.org|cacache@1.0.0', datos) +}).then(integridad => { + console.log('el hacheo de integridad es', integridad) +}) +``` + +#### `> cacache.mete.flujo(cache, clave, [ops]) -> Writable` + +Devuelve un [Writable +Stream](https://nodejs.org/api/stream.html#stream_writable_streams) que inserta +al caché los datos escritos a él. Emite un evento `integrity` con el hacheo del +contenido escrito, cuando completa. + +##### Ejemplo + +```javascript +request.get( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).pipe( + cacache.mete.flujo( + rutaCache, 'registry.npmjs.org|cacache@1.0.0' + ).on('integrity', d => console.log(`integrity digest is ${d}`)) +) +``` + +#### `> opciones para cacache.mete` + +La funciones `cacache.mete` tienen un número de opciones en común. + +##### `ops.metadata` + +Metadatos del usuario que se almacenarán con la entrada. + +##### `ops.size` + +El tamaño declarado de los datos que se van a insertar. Si es proveído, cacache +verificará que los datos escritos sean de ese tamaño, o si no, fallará con un +error con código `EBADSIZE`. + +##### `ops.integrity` + +El hacheo de integridad de los datos siendo escritos. + +Si es proveído, y los datos escritos no le corresponden, la operación fallará +con un error con código `EINTEGRITY`. + +`ops.algorithms` no tiene ningún efecto si esta opción está presente. + +##### `ops.algorithms` + +Por Defecto: `['sha512']` + +Algoritmos que se deben usar cuando se calcule el hacheo de [subresource +integrity](#integrity) para los datos insertados. Puede usar cualquier algoritmo +enumerado en `crypto.getHashes()`. + +Por el momento, sólo se acepta un algoritmo (dígase, un array con exáctamente un +valor). No tiene ningún efecto si `ops.integrity` también ha sido proveido. + +##### `ops.uid`/`ops.gid` + +Si están presentes, cacache hará todo lo posible para asegurarse que todos los +ficheros creados en el proceso de sus operaciones en el caché usen esta +combinación en particular. + +##### `ops.memoize` + +Por Defecto: `null` + +Si es verdad, cacache tratará de memoizar los datos de la entrada en memoria. La +próxima vez que el proceso corriente trate de accesar los datos o entrada, +cacache buscará en memoria antes de buscar en disco. + +Si `ops.memoize` es un objeto regular o un objeto como `Map` (es decir, un +objeto con métodos `get()` y `set()`), este objeto en sí sera usado en vez del +caché de memoria global. Esto permite tener lógica específica a tu aplicación +encuanto al almacenaje en memoria de tus datos. + +Si quieres asegurarte que los datos se lean del disco en vez de memoria, usa +`memoize: false` cuando uses funciones de `cacache.saca`. + +#### `> cacache.rm.todo(cache) -> Promise` + +Borra el caché completo, incluyendo ficheros temporeros, ficheros de datos, y el +índice del caché. + +##### Ejemplo + +```javascript +cacache.rm.todo(rutaCache).then(() => { + console.log('THE APOCALYPSE IS UPON US 😱') +}) +``` + +#### `> cacache.rm.entrada(cache, clave) -> Promise` + +Alias: `cacache.rm` + +Borra la entrada `clave` del índuce. El contenido asociado con esta entrada +seguirá siendo accesible por hacheo usando +[`saca.flujo.porHacheo`](#get-stream). + +Para borrar el contenido en sí, usa [`rm.datos`](#rm-content). Si quieres hacer +esto de manera más segura (pues ficheros de contenido pueden ser usados por +multiples entradas), usa [`verifica`](#verify) para borrar huérfanos. + +##### Ejemplo + +```javascript +cacache.rm.entrada(rutaCache, 'my-thing').then(() => { + console.log('I did not like it anyway') +}) +``` + +#### `> cacache.rm.datos(cache, integrity) -> Promise` + +Borra el contenido identificado por `integrity`. Cualquier entrada que se +refiera a este contenido quedarán huérfanas y se invalidarán si se tratan de +accesar, al menos que contenido idéntico sea añadido bajo `integrity`. + +##### Ejemplo + +```javascript +cacache.rm.datos(rutaCache, 'sha512-SoMeDIGest/IN+BaSE64==').then(() => { + console.log('los datos para `mi-cosa` se borraron') +}) +``` + +#### `> cacache.ponLenguaje(locale)` + +Configura el lenguaje usado para mensajes y errores de cacache. La lista de +lenguajes disponibles está en el directorio `./locales` del proyecto. + +_Te interesa añadir más lenguajes? [Somete un PR](CONTRIBUTING.md)!_ + +#### `> cacache.limpiaMemoizado()` + +Completamente reinicializa el caché de memoria interno. Si estás usando tu +propio objecto con `ops.memoize`, debes hacer esto de manera específica a él. + +#### `> tmp.hazdir(cache, ops) -> Promise` + +Alias: `tmp.mkdir` + +Devuelve un directorio único dentro del directorio `tmp` del caché. + +Una vez tengas el directorio, es responsabilidad tuya asegurarte que todos los +ficheros escrito a él sean creados usando los permisos y `uid`/`gid` concordante +con el caché. Si no, puedes pedirle a cacache que lo haga llamando a +[`cacache.tmp.fix()`](#tmp-fix). Esta función arreglará todos los permisos en el +directorio tmp. + +Si quieres que cacache limpie el directorio automáticamente cuando termines, usa +[`cacache.tmp.conTmp()`](#with-tpm). + +##### Ejemplo + +```javascript +cacache.tmp.mkdir(cache).then(dir => { + fs.writeFile(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}) +``` + +#### `> tmp.conTmp(cache, ops, cb) -> Promise` + +Crea un directorio temporero con [`tmp.mkdir()`](#tmp-mkdir) y ejecuta `cb` con +él como primer argumento. El directorio creado será removido automáticamente +cuando el valor devolvido por `cb()` se resuelva. + +Las mismas advertencias aplican en cuanto a manejando permisos para los ficheros +dentro del directorio. + +##### Ejemplo + +```javascript +cacache.tmp.conTmp(cache, dir => { + return fs.writeFileAsync(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}).then(() => { + // `dir` no longer exists +}) +``` + +#### Hacheos de Subresource Integrity + +cacache usa strings que siguen la especificación de [Subresource Integrity +spec](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity). + +Es decir, donde quiera cacache espera un argumento o opción `integrity`, ese +string debería usar el formato `-`. + +Una variación importante sobre los hacheos que cacache acepta es que acepta el +nombre de cualquier algoritmo aceptado por el proceso de Node.js donde se usa. +Puedes usar `crypto.getHashes()` para ver cuales están disponibles. + +##### Generando tus propios hacheos + +Si tienes un `shasum`, en general va a estar en formato de string hexadecimal +(es decir, un `sha1` se vería como algo así: +`5f5513f8822fdbe5145af33b64d8d970dcf95c6e`). + +Para ser compatible con cacache, necesitas convertir esto a su equivalente en +subresource integrity. Por ejemplo, el hacheo correspondiente al ejemplo +anterior sería: `sha1-X1UT+IIv2+UUWvM7ZNjZcNz5XG4=`. + +Puedes usar código así para generarlo por tu cuenta: + +```javascript +const crypto = require('crypto') +const algoritmo = 'sha512' +const datos = 'foobarbaz' + +const integrity = ( + algorithm + + '-' + + crypto.createHash(algoritmo).update(datos).digest('base64') +) +``` + +También puedes usar [`ssri`](https://npm.im/ssri) para deferir el trabajo a otra +librería que garantiza que todo esté correcto, pues maneja probablemente todas +las operaciones que tendrías que hacer con SRIs, incluyendo convirtiendo entre +hexadecimal y el formato SRI. + +#### `> cacache.verifica(cache, ops) -> Promise` + +Examina y arregla tu caché: + +* Limpia entradas inválidas, huérfanas y corrompidas +* Te deja filtrar cuales entradas retener, con tu propio filtro +* Reclama cualquier ficheros de contenido sin referencias en el índice +* Verifica integridad de todos los ficheros de contenido y remueve los malos +* Arregla permisos del caché +* Remieve el directorio `tmp` en el caché, y todo su contenido. + +Cuando termine, devuelve un objeto con varias estadísticas sobre el proceso de +verificación, por ejemplo la cantidad de espacio de disco reclamado, el número +de entradas válidas, número de entradas removidas, etc. + +##### Opciones + +* `ops.uid` - uid para asignarle al caché y su contenido +* `ops.gid` - gid para asignarle al caché y su contenido +* `ops.filter` - recibe una entrada como argumento. Devuelve falso para removerla. Nota: es posible que esta función sea invocada con la misma entrada más de una vez. + +##### Example + +```sh +echo somegarbage >> $RUTACACHE/content/deadbeef +``` + +```javascript +cacache.verifica(rutaCache).then(stats => { + // deadbeef collected, because of invalid checksum. + console.log('cache is much nicer now! stats:', stats) +}) +``` + +#### `> cacache.verifica.ultimaVez(cache) -> Promise` + +Alias: `últimaVez` + +Devuelve un `Date` que representa la última vez que `cacache.verifica` fue +ejecutada en `cache`. + +##### Example + +```javascript +cacache.verifica(rutaCache).then(() => { + cacache.verifica.ultimaVez(rutaCache).then(última => { + console.log('La última vez que se usó cacache.verifica() fue ' + última) + }) +}) +``` diff --git a/node_modules/make-fetch-happen/node_modules/cacache/README.md b/node_modules/make-fetch-happen/node_modules/cacache/README.md new file mode 100644 index 0000000000000..7f8ec5eec05ff --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/README.md @@ -0,0 +1,641 @@ +# cacache [![npm version](https://img.shields.io/npm/v/cacache.svg)](https://npm.im/cacache) [![license](https://img.shields.io/npm/l/cacache.svg)](https://npm.im/cacache) [![Travis](https://img.shields.io/travis/npm/cacache.svg)](https://travis-ci.org/npm/cacache) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/npm/cacache?svg=true)](https://ci.appveyor.com/project/npm/cacache) [![Coverage Status](https://coveralls.io/repos/github/npm/cacache/badge.svg?branch=latest)](https://coveralls.io/github/npm/cacache?branch=latest) + +[`cacache`](https://github.com/npm/cacache) is a Node.js library for managing +local key and content address caches. It's really fast, really good at +concurrency, and it will never give you corrupted data, even if cache files +get corrupted or manipulated. + +On systems that support user and group settings on files, cacache will +match the `uid` and `gid` values to the folder where the cache lives, even +when running as `root`. + +It was written to be used as [npm](https://npm.im)'s local cache, but can +just as easily be used on its own. + +_Translations: [español](README.es.md)_ + +## Install + +`$ npm install --save cacache` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [Using localized APIs](#localized-api) + * Reading + * [`ls`](#ls) + * [`ls.stream`](#ls-stream) + * [`get`](#get-data) + * [`get.stream`](#get-stream) + * [`get.info`](#get-info) + * [`get.hasContent`](#get-hasContent) + * Writing + * [`put`](#put-data) + * [`put.stream`](#put-stream) + * [`put*` opts](#put-options) + * [`rm.all`](#rm-all) + * [`rm.entry`](#rm-entry) + * [`rm.content`](#rm-content) + * Utilities + * [`setLocale`](#set-locale) + * [`clearMemoized`](#clear-memoized) + * [`tmp.mkdir`](#tmp-mkdir) + * [`tmp.withTmp`](#with-tmp) + * Integrity + * [Subresource Integrity](#integrity) + * [`verify`](#verify) + * [`verify.lastRun`](#verify-last-run) + +### Example + +```javascript +const cacache = require('cacache/en') +const fs = require('fs') + +const tarball = '/path/to/mytar.tgz' +const cachePath = '/tmp/my-toy-cache' +const key = 'my-unique-key-1234' + +// Cache it! Use `cachePath` as the root of the content cache +cacache.put(cachePath, key, '10293801983029384').then(integrity => { + console.log(`Saved content to ${cachePath}.`) +}) + +const destination = '/tmp/mytar.tgz' + +// Copy the contents out of the cache and into their destination! +// But this time, use stream instead! +cacache.get.stream( + cachePath, key +).pipe( + fs.createWriteStream(destination) +).on('finish', () => { + console.log('done extracting!') +}) + +// The same thing, but skip the key index. +cacache.get.byDigest(cachePath, integrityHash).then(data => { + fs.writeFile(destination, data, err => { + console.log('tarball data fetched based on its sha512sum and written out!') + }) +}) +``` + +### Features + +* Extraction by key or by content address (shasum, etc) +* [Subresource Integrity](#integrity) web standard support +* Multi-hash support - safely host sha1, sha512, etc, in a single cache +* Automatic content deduplication +* Fault tolerance (immune to corruption, partial writes, process races, etc) +* Consistency guarantees on read and write (full data verification) +* Lockless, high-concurrency cache access +* Streaming support +* Promise support +* Pretty darn fast -- sub-millisecond reads and writes including verification +* Arbitrary metadata storage +* Garbage collection and additional offline verification +* Thorough test coverage +* There's probably a bloom filter in there somewhere. Those are cool, right? 🤔 + +### Contributing + +The cacache team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### Using localized APIs + +cacache includes a complete API in English, with the same features as other +translations. To use the English API as documented in this README, use +`require('cacache/en')`. This is also currently the default if you do +`require('cacache')`, but may change in the future. + +cacache also supports other languages! You can find the list of currently +supported ones by looking in `./locales` in the source directory. You can use +the API in that language with `require('cacache/')`. + +Want to add support for a new language? Please go ahead! You should be able to +copy `./locales/en.js` and `./locales/en.json` and fill them in. Translating the +`README.md` is a bit more work, but also appreciated if you get around to it. 👍🏼 + +#### `> cacache.ls(cache) -> Promise` + +Lists info for all entries currently in the cache as a single large object. Each +entry in the object will be keyed by the unique index key, with corresponding +[`get.info`](#get-info) objects as the values. + +##### Example + +```javascript +cacache.ls(cachePath).then(console.log) +// Output +{ + 'my-thing': { + key: 'my-thing', + integrity: 'sha512-BaSe64/EnCoDED+HAsh==' + path: '.testcache/content/deadbeef', // joined with `cachePath` + time: 12345698490, + size: 4023948, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } + }, + 'other-thing': { + key: 'other-thing', + integrity: 'sha1-ANothER+hasH=', + path: '.testcache/content/bada55', + time: 11992309289, + size: 111112 + } +} +``` + +#### `> cacache.ls.stream(cache) -> Readable` + +Lists info for all entries currently in the cache as a single large object. + +This works just like [`ls`](#ls), except [`get.info`](#get-info) entries are +returned as `'data'` events on the returned stream. + +##### Example + +```javascript +cacache.ls.stream(cachePath).on('data', console.log) +// Output +{ + key: 'my-thing', + integrity: 'sha512-BaSe64HaSh', + path: '.testcache/content/deadbeef', // joined with `cachePath` + time: 12345698490, + size: 13423, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} + +{ + key: 'other-thing', + integrity: 'whirlpool-WoWSoMuchSupport', + path: '.testcache/content/bada55', + time: 11992309289, + size: 498023984029 +} + +{ + ... +} +``` + +#### `> cacache.get(cache, key, [opts]) -> Promise({data, metadata, integrity})` + +Returns an object with the cached data, digest, and metadata identified by +`key`. The `data` property of this object will be a `Buffer` instance that +presumably holds some data that means something to you. I'm sure you know what +to do with it! cacache just won't care. + +`integrity` is a [Subresource +Integrity](#integrity) +string. That is, a string that can be used to verify `data`, which looks like +`-`. + +If there is no content identified by `key`, or if the locally-stored data does +not pass the validity checksum, the promise will be rejected. + +A sub-function, `get.byDigest` may be used for identical behavior, except lookup +will happen by integrity hash, bypassing the index entirely. This version of the +function *only* returns `data` itself, without any wrapper. + +##### Note + +This function loads the entire cache entry into memory before returning it. If +you're dealing with Very Large data, consider using [`get.stream`](#get-stream) +instead. + +##### Example + +```javascript +// Look up by key +cache.get(cachePath, 'my-thing').then(console.log) +// Output: +{ + metadata: { + thingName: 'my' + }, + integrity: 'sha512-BaSe64HaSh', + data: Buffer#, + size: 9320 +} + +// Look up by digest +cache.get.byDigest(cachePath, 'sha512-BaSe64HaSh').then(console.log) +// Output: +Buffer# +``` + +#### `> cacache.get.stream(cache, key, [opts]) -> Readable` + +Returns a [Readable Stream](https://nodejs.org/api/stream.html#stream_readable_streams) of the cached data identified by `key`. + +If there is no content identified by `key`, or if the locally-stored data does +not pass the validity checksum, an error will be emitted. + +`metadata` and `integrity` events will be emitted before the stream closes, if +you need to collect that extra data about the cached entry. + +A sub-function, `get.stream.byDigest` may be used for identical behavior, +except lookup will happen by integrity hash, bypassing the index entirely. This +version does not emit the `metadata` and `integrity` events at all. + +##### Example + +```javascript +// Look up by key +cache.get.stream( + cachePath, 'my-thing' +).on('metadata', metadata => { + console.log('metadata:', metadata) +}).on('integrity', integrity => { + console.log('integrity:', integrity) +}).pipe( + fs.createWriteStream('./x.tgz') +) +// Outputs: +metadata: { ... } +integrity: 'sha512-SoMeDIGest+64==' + +// Look up by digest +cache.get.stream.byDigest( + cachePath, 'sha512-SoMeDIGest+64==' +).pipe( + fs.createWriteStream('./x.tgz') +) +``` + +#### `> cacache.get.info(cache, key) -> Promise` + +Looks up `key` in the cache index, returning information about the entry if +one exists. + +##### Fields + +* `key` - Key the entry was looked up under. Matches the `key` argument. +* `integrity` - [Subresource Integrity hash](#integrity) for the content this entry refers to. +* `path` - Filesystem path where content is stored, joined with `cache` argument. +* `time` - Timestamp the entry was first added on. +* `metadata` - User-assigned metadata associated with the entry/content. + +##### Example + +```javascript +cacache.get.info(cachePath, 'my-thing').then(console.log) + +// Output +{ + key: 'my-thing', + integrity: 'sha256-MUSTVERIFY+ALL/THINGS==' + path: '.testcache/content/deadbeef', + time: 12345698490, + size: 849234, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} +``` + +#### `> cacache.get.hasContent(cache, integrity) -> Promise` + +Looks up a [Subresource Integrity hash](#integrity) in the cache. If content +exists for this `integrity`, it will return an object, with the specific single integrity hash +that was found in `sri` key, and the size of the found content as `size`. If no content exists for this integrity, it will return `false`. + +##### Example + +```javascript +cacache.get.hasContent(cachePath, 'sha256-MUSTVERIFY+ALL/THINGS==').then(console.log) + +// Output +{ + sri: { + source: 'sha256-MUSTVERIFY+ALL/THINGS==', + algorithm: 'sha256', + digest: 'MUSTVERIFY+ALL/THINGS==', + options: [] + }, + size: 9001 +} + +cacache.get.hasContent(cachePath, 'sha521-NOT+IN/CACHE==').then(console.log) + +// Output +false +``` + +#### `> cacache.put(cache, key, data, [opts]) -> Promise` + +Inserts data passed to it into the cache. The returned Promise resolves with a +digest (generated according to [`opts.algorithms`](#optsalgorithms)) after the +cache entry has been successfully written. + +##### Example + +```javascript +fetch( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).then(data => { + return cacache.put(cachePath, 'registry.npmjs.org|cacache@1.0.0', data) +}).then(integrity => { + console.log('integrity hash is', integrity) +}) +``` + +#### `> cacache.put.stream(cache, key, [opts]) -> Writable` + +Returns a [Writable +Stream](https://nodejs.org/api/stream.html#stream_writable_streams) that inserts +data written to it into the cache. Emits an `integrity` event with the digest of +written contents when it succeeds. + +##### Example + +```javascript +request.get( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).pipe( + cacache.put.stream( + cachePath, 'registry.npmjs.org|cacache@1.0.0' + ).on('integrity', d => console.log(`integrity digest is ${d}`)) +) +``` + +#### `> cacache.put options` + +`cacache.put` functions have a number of options in common. + +##### `opts.metadata` + +Arbitrary metadata to be attached to the inserted key. + +##### `opts.size` + +If provided, the data stream will be verified to check that enough data was +passed through. If there's more or less data than expected, insertion will fail +with an `EBADSIZE` error. + +##### `opts.integrity` + +If present, the pre-calculated digest for the inserted content. If this option +if provided and does not match the post-insertion digest, insertion will fail +with an `EINTEGRITY` error. + +`algorithms` has no effect if this option is present. + +##### `opts.algorithms` + +Default: ['sha512'] + +Hashing algorithms to use when calculating the [subresource integrity +digest](#integrity) +for inserted data. Can use any algorithm listed in `crypto.getHashes()` or +`'omakase'`/`'お任せします'` to pick a random hash algorithm on each insertion. You +may also use any anagram of `'modnar'` to use this feature. + +Currently only supports one algorithm at a time (i.e., an array length of +exactly `1`). Has no effect if `opts.integrity` is present. + +##### `opts.memoize` + +Default: null + +If provided, cacache will memoize the given cache insertion in memory, bypassing +any filesystem checks for that key or digest in future cache fetches. Nothing +will be written to the in-memory cache unless this option is explicitly truthy. + +If `opts.memoize` is an object or a `Map`-like (that is, an object with `get` +and `set` methods), it will be written to instead of the global memoization +cache. + +Reading from disk data can be forced by explicitly passing `memoize: false` to +the reader functions, but their default will be to read from memory. + +#### `> cacache.rm.all(cache) -> Promise` + +Clears the entire cache. Mainly by blowing away the cache directory itself. + +##### Example + +```javascript +cacache.rm.all(cachePath).then(() => { + console.log('THE APOCALYPSE IS UPON US 😱') +}) +``` + +#### `> cacache.rm.entry(cache, key) -> Promise` + +Alias: `cacache.rm` + +Removes the index entry for `key`. Content will still be accessible if +requested directly by content address ([`get.stream.byDigest`](#get-stream)). + +To remove the content itself (which might still be used by other entries), use +[`rm.content`](#rm-content). Or, to safely vacuum any unused content, use +[`verify`](#verify). + +##### Example + +```javascript +cacache.rm.entry(cachePath, 'my-thing').then(() => { + console.log('I did not like it anyway') +}) +``` + +#### `> cacache.rm.content(cache, integrity) -> Promise` + +Removes the content identified by `integrity`. Any index entries referring to it +will not be usable again until the content is re-added to the cache with an +identical digest. + +##### Example + +```javascript +cacache.rm.content(cachePath, 'sha512-SoMeDIGest/IN+BaSE64==').then(() => { + console.log('data for my-thing is gone!') +}) +``` + +#### `> cacache.setLocale(locale)` + +Configure the language/locale used for messages and errors coming from cacache. +The list of available locales is in the `./locales` directory in the project +root. + +_Interested in contributing more languages! [Submit a PR](CONTRIBUTING.md)!_ + +#### `> cacache.clearMemoized()` + +Completely resets the in-memory entry cache. + +#### `> tmp.mkdir(cache, opts) -> Promise` + +Returns a unique temporary directory inside the cache's `tmp` dir. This +directory will use the same safe user assignment that all the other stuff use. + +Once the directory is made, it's the user's responsibility that all files +within are given the appropriate `gid`/`uid` ownership settings to match +the rest of the cache. If not, you can ask cacache to do it for you by +calling [`tmp.fix()`](#tmp-fix), which will fix all tmp directory +permissions. + +If you want automatic cleanup of this directory, use +[`tmp.withTmp()`](#with-tpm) + +##### Example + +```javascript +cacache.tmp.mkdir(cache).then(dir => { + fs.writeFile(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}) +``` + +#### `> tmp.fix(cache) -> Promise` + +Sets the `uid` and `gid` properties on all files and folders within the tmp +folder to match the rest of the cache. + +Use this after manually writing files into [`tmp.mkdir`](#tmp-mkdir) or +[`tmp.withTmp`](#with-tmp). + +##### Example + +```javascript +cacache.tmp.mkdir(cache).then(dir => { + writeFile(path.join(dir, 'file'), someData).then(() => { + // make sure we didn't just put a root-owned file in the cache + cacache.tmp.fix().then(() => { + // all uids and gids match now + }) + }) +}) +``` + +#### `> tmp.withTmp(cache, opts, cb) -> Promise` + +Creates a temporary directory with [`tmp.mkdir()`](#tmp-mkdir) and calls `cb` +with it. The created temporary directory will be removed when the return value +of `cb()` resolves -- that is, if you return a Promise from `cb()`, the tmp +directory will be automatically deleted once that promise completes. + +The same caveats apply when it comes to managing permissions for the tmp dir's +contents. + +##### Example + +```javascript +cacache.tmp.withTmp(cache, dir => { + return fs.writeFileAsync(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}).then(() => { + // `dir` no longer exists +}) +``` + +#### Subresource Integrity Digests + +For content verification and addressing, cacache uses strings following the +[Subresource +Integrity spec](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity). +That is, any time cacache expects an `integrity` argument or option, it +should be in the format `-`. + +One deviation from the current spec is that cacache will support any hash +algorithms supported by the underlying Node.js process. You can use +`crypto.getHashes()` to see which ones you can use. + +##### Generating Digests Yourself + +If you have an existing content shasum, they are generally formatted as a +hexadecimal string (that is, a sha1 would look like: +`5f5513f8822fdbe5145af33b64d8d970dcf95c6e`). In order to be compatible with +cacache, you'll need to convert this to an equivalent subresource integrity +string. For this example, the corresponding hash would be: +`sha1-X1UT+IIv2+UUWvM7ZNjZcNz5XG4=`. + +If you want to generate an integrity string yourself for existing data, you can +use something like this: + +```javascript +const crypto = require('crypto') +const hashAlgorithm = 'sha512' +const data = 'foobarbaz' + +const integrity = ( + hashAlgorithm + + '-' + + crypto.createHash(hashAlgorithm).update(data).digest('base64') +) +``` + +You can also use [`ssri`](https://npm.im/ssri) to have a richer set of functionality +around SRI strings, including generation, parsing, and translating from existing +hex-formatted strings. + +#### `> cacache.verify(cache, opts) -> Promise` + +Checks out and fixes up your cache: + +* Cleans up corrupted or invalid index entries. +* Custom entry filtering options. +* Garbage collects any content entries not referenced by the index. +* Checks integrity for all content entries and removes invalid content. +* Fixes cache ownership. +* Removes the `tmp` directory in the cache and all its contents. + +When it's done, it'll return an object with various stats about the verification +process, including amount of storage reclaimed, number of valid entries, number +of entries removed, etc. + +##### Options + +* `opts.filter` - receives a formatted entry. Return false to remove it. + Note: might be called more than once on the same entry. + +##### Example + +```sh +echo somegarbage >> $CACHEPATH/content/deadbeef +``` + +```javascript +cacache.verify(cachePath).then(stats => { + // deadbeef collected, because of invalid checksum. + console.log('cache is much nicer now! stats:', stats) +}) +``` + +#### `> cacache.verify.lastRun(cache) -> Promise` + +Returns a `Date` representing the last time `cacache.verify` was run on `cache`. + +##### Example + +```javascript +cacache.verify(cachePath).then(() => { + cacache.verify.lastRun(cachePath).then(lastTime => { + console.log('cacache.verify was last called on' + lastTime) + }) +}) +``` diff --git a/node_modules/make-fetch-happen/node_modules/cacache/en.js b/node_modules/make-fetch-happen/node_modules/cacache/en.js new file mode 100644 index 0000000000000..a3db581c9f1fa --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/en.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./locales/en.js') diff --git a/node_modules/make-fetch-happen/node_modules/cacache/es.js b/node_modules/make-fetch-happen/node_modules/cacache/es.js new file mode 100644 index 0000000000000..6282363c3bdbf --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/es.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./locales/es.js') diff --git a/node_modules/make-fetch-happen/node_modules/cacache/get.js b/node_modules/make-fetch-happen/node_modules/cacache/get.js new file mode 100644 index 0000000000000..008cb83a9ed87 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/get.js @@ -0,0 +1,247 @@ +'use strict' + +const BB = require('bluebird') + +const figgyPudding = require('figgy-pudding') +const fs = require('fs') +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const pipe = require('mississippi').pipe +const pipeline = require('mississippi').pipeline +const read = require('./lib/content/read') +const through = require('mississippi').through + +const GetOpts = figgyPudding({ + integrity: {}, + memoize: {}, + size: {} +}) + +module.exports = function get (cache, key, opts) { + return getData(false, cache, key, opts) +} +module.exports.byDigest = function getByDigest (cache, digest, opts) { + return getData(true, cache, digest, opts) +} +function getData (byDigest, cache, key, opts) { + opts = GetOpts(opts) + const memoized = ( + byDigest + ? memo.get.byDigest(cache, key, opts) + : memo.get(cache, key, opts) + ) + if (memoized && opts.memoize !== false) { + return BB.resolve(byDigest ? memoized : { + metadata: memoized.entry.metadata, + data: memoized.data, + integrity: memoized.entry.integrity, + size: memoized.entry.size + }) + } + return ( + byDigest ? BB.resolve(null) : index.find(cache, key, opts) + ).then(entry => { + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + return read(cache, byDigest ? key : entry.integrity, { + integrity: opts.integrity, + size: opts.size + }).then(data => byDigest ? data : { + metadata: entry.metadata, + data: data, + size: entry.size, + integrity: entry.integrity + }).then(res => { + if (opts.memoize && byDigest) { + memo.put.byDigest(cache, key, res, opts) + } else if (opts.memoize) { + memo.put(cache, entry, res.data, opts) + } + return res + }) + }) +} + +module.exports.sync = function get (cache, key, opts) { + return getDataSync(false, cache, key, opts) +} +module.exports.sync.byDigest = function getByDigest (cache, digest, opts) { + return getDataSync(true, cache, digest, opts) +} +function getDataSync (byDigest, cache, key, opts) { + opts = GetOpts(opts) + const memoized = ( + byDigest + ? memo.get.byDigest(cache, key, opts) + : memo.get(cache, key, opts) + ) + if (memoized && opts.memoize !== false) { + return byDigest ? memoized : { + metadata: memoized.entry.metadata, + data: memoized.data, + integrity: memoized.entry.integrity, + size: memoized.entry.size + } + } + const entry = !byDigest && index.find.sync(cache, key, opts) + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + const data = read.sync( + cache, + byDigest ? key : entry.integrity, + { + integrity: opts.integrity, + size: opts.size + } + ) + const res = byDigest + ? data + : { + metadata: entry.metadata, + data: data, + size: entry.size, + integrity: entry.integrity + } + if (opts.memoize && byDigest) { + memo.put.byDigest(cache, key, res, opts) + } else if (opts.memoize) { + memo.put(cache, entry, res.data, opts) + } + return res +} + +module.exports.stream = getStream +function getStream (cache, key, opts) { + opts = GetOpts(opts) + let stream = through() + const memoized = memo.get(cache, key, opts) + if (memoized && opts.memoize !== false) { + stream.on('newListener', function (ev, cb) { + ev === 'metadata' && cb(memoized.entry.metadata) + ev === 'integrity' && cb(memoized.entry.integrity) + ev === 'size' && cb(memoized.entry.size) + }) + stream.write(memoized.data, () => stream.end()) + return stream + } + index.find(cache, key).then(entry => { + if (!entry) { + return stream.emit( + 'error', new index.NotFoundError(cache, key) + ) + } + let memoStream + if (opts.memoize) { + let memoData = [] + let memoLength = 0 + memoStream = through((c, en, cb) => { + memoData && memoData.push(c) + memoLength += c.length + cb(null, c, en) + }, cb => { + memoData && memo.put(cache, entry, Buffer.concat(memoData, memoLength), opts) + cb() + }) + } else { + memoStream = through() + } + stream.emit('metadata', entry.metadata) + stream.emit('integrity', entry.integrity) + stream.emit('size', entry.size) + stream.on('newListener', function (ev, cb) { + ev === 'metadata' && cb(entry.metadata) + ev === 'integrity' && cb(entry.integrity) + ev === 'size' && cb(entry.size) + }) + pipe( + read.readStream(cache, entry.integrity, opts.concat({ + size: opts.size == null ? entry.size : opts.size + })), + memoStream, + stream + ) + }).catch(err => stream.emit('error', err)) + return stream +} + +module.exports.stream.byDigest = getStreamDigest +function getStreamDigest (cache, integrity, opts) { + opts = GetOpts(opts) + const memoized = memo.get.byDigest(cache, integrity, opts) + if (memoized && opts.memoize !== false) { + const stream = through() + stream.write(memoized, () => stream.end()) + return stream + } else { + let stream = read.readStream(cache, integrity, opts) + if (opts.memoize) { + let memoData = [] + let memoLength = 0 + const memoStream = through((c, en, cb) => { + memoData && memoData.push(c) + memoLength += c.length + cb(null, c, en) + }, cb => { + memoData && memo.put.byDigest( + cache, + integrity, + Buffer.concat(memoData, memoLength), + opts + ) + cb() + }) + stream = pipeline(stream, memoStream) + } + return stream + } +} + +module.exports.info = info +function info (cache, key, opts) { + opts = GetOpts(opts) + const memoized = memo.get(cache, key, opts) + if (memoized && opts.memoize !== false) { + return BB.resolve(memoized.entry) + } else { + return index.find(cache, key) + } +} + +module.exports.hasContent = read.hasContent + +module.exports.copy = function cp (cache, key, dest, opts) { + return copy(false, cache, key, dest, opts) +} +module.exports.copy.byDigest = function cpDigest (cache, digest, dest, opts) { + return copy(true, cache, digest, dest, opts) +} +function copy (byDigest, cache, key, dest, opts) { + opts = GetOpts(opts) + if (read.copy) { + return ( + byDigest ? BB.resolve(null) : index.find(cache, key, opts) + ).then(entry => { + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + return read.copy( + cache, byDigest ? key : entry.integrity, dest, opts + ).then(() => byDigest ? key : { + metadata: entry.metadata, + size: entry.size, + integrity: entry.integrity + }) + }) + } else { + return getData(byDigest, cache, key, opts).then(res => { + return fs.writeFileAsync(dest, byDigest ? res : res.data) + .then(() => byDigest ? key : { + metadata: res.metadata, + size: res.size, + integrity: res.integrity + }) + }) + } +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/index.js b/node_modules/make-fetch-happen/node_modules/cacache/index.js new file mode 100644 index 0000000000000..a3db581c9f1fa --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/index.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./locales/en.js') diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/content/path.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/content/path.js new file mode 100644 index 0000000000000..c67c28061259f --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/content/path.js @@ -0,0 +1,26 @@ +'use strict' + +const contentVer = require('../../package.json')['cache-version'].content +const hashToSegments = require('../util/hash-to-segments') +const path = require('path') +const ssri = require('ssri') + +// Current format of content file path: +// +// sha512-BaSE64Hex= -> +// ~/.my-cache/content-v2/sha512/ba/da/55deadbeefc0ffee +// +module.exports = contentPath +function contentPath (cache, integrity) { + const sri = ssri.parse(integrity, { single: true }) + // contentPath is the *strongest* algo given + return path.join.apply(path, [ + contentDir(cache), + sri.algorithm + ].concat(hashToSegments(sri.hexDigest()))) +} + +module.exports._contentDir = contentDir +function contentDir (cache) { + return path.join(cache, `content-v${contentVer}`) +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/content/read.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/content/read.js new file mode 100644 index 0000000000000..7929524f82c3c --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/content/read.js @@ -0,0 +1,195 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./path') +const figgyPudding = require('figgy-pudding') +const fs = require('graceful-fs') +const PassThrough = require('stream').PassThrough +const pipe = BB.promisify(require('mississippi').pipe) +const ssri = require('ssri') +const Y = require('../util/y.js') + +const lstatAsync = BB.promisify(fs.lstat) +const readFileAsync = BB.promisify(fs.readFile) + +const ReadOpts = figgyPudding({ + size: {} +}) + +module.exports = read +function read (cache, integrity, opts) { + opts = ReadOpts(opts) + return withContentSri(cache, integrity, (cpath, sri) => { + return readFileAsync(cpath, null).then(data => { + if (typeof opts.size === 'number' && opts.size !== data.length) { + throw sizeError(opts.size, data.length) + } else if (ssri.checkData(data, sri)) { + return data + } else { + throw integrityError(sri, cpath) + } + }) + }) +} + +module.exports.sync = readSync +function readSync (cache, integrity, opts) { + opts = ReadOpts(opts) + return withContentSriSync(cache, integrity, (cpath, sri) => { + const data = fs.readFileSync(cpath) + if (typeof opts.size === 'number' && opts.size !== data.length) { + throw sizeError(opts.size, data.length) + } else if (ssri.checkData(data, sri)) { + return data + } else { + throw integrityError(sri, cpath) + } + }) +} + +module.exports.stream = readStream +module.exports.readStream = readStream +function readStream (cache, integrity, opts) { + opts = ReadOpts(opts) + const stream = new PassThrough() + withContentSri(cache, integrity, (cpath, sri) => { + return lstatAsync(cpath).then(stat => ({ cpath, sri, stat })) + }).then(({ cpath, sri, stat }) => { + return pipe( + fs.createReadStream(cpath), + ssri.integrityStream({ + integrity: sri, + size: opts.size + }), + stream + ) + }).catch(err => { + stream.emit('error', err) + }) + return stream +} + +let copyFileAsync +if (fs.copyFile) { + module.exports.copy = copy + module.exports.copy.sync = copySync + copyFileAsync = BB.promisify(fs.copyFile) +} + +function copy (cache, integrity, dest, opts) { + opts = ReadOpts(opts) + return withContentSri(cache, integrity, (cpath, sri) => { + return copyFileAsync(cpath, dest) + }) +} + +function copySync (cache, integrity, dest, opts) { + opts = ReadOpts(opts) + return withContentSriSync(cache, integrity, (cpath, sri) => { + return fs.copyFileSync(cpath, dest) + }) +} + +module.exports.hasContent = hasContent +function hasContent (cache, integrity) { + if (!integrity) { return BB.resolve(false) } + return withContentSri(cache, integrity, (cpath, sri) => { + return lstatAsync(cpath).then(stat => ({ size: stat.size, sri, stat })) + }).catch(err => { + if (err.code === 'ENOENT') { return false } + if (err.code === 'EPERM') { + if (process.platform !== 'win32') { + throw err + } else { + return false + } + } + }) +} + +module.exports.hasContent.sync = hasContentSync +function hasContentSync (cache, integrity) { + if (!integrity) { return false } + return withContentSriSync(cache, integrity, (cpath, sri) => { + try { + const stat = fs.lstatSync(cpath) + return { size: stat.size, sri, stat } + } catch (err) { + if (err.code === 'ENOENT') { return false } + if (err.code === 'EPERM') { + if (process.platform !== 'win32') { + throw err + } else { + return false + } + } + } + }) +} + +function withContentSri (cache, integrity, fn) { + return BB.try(() => { + const sri = ssri.parse(integrity) + // If `integrity` has multiple entries, pick the first digest + // with available local data. + const algo = sri.pickAlgorithm() + const digests = sri[algo] + if (digests.length <= 1) { + const cpath = contentPath(cache, digests[0]) + return fn(cpath, digests[0]) + } else { + return BB.any(sri[sri.pickAlgorithm()].map(meta => { + return withContentSri(cache, meta, fn) + }, { concurrency: 1 })) + .catch(err => { + if ([].some.call(err, e => e.code === 'ENOENT')) { + throw Object.assign( + new Error('No matching content found for ' + sri.toString()), + { code: 'ENOENT' } + ) + } else { + throw err[0] + } + }) + } + }) +} + +function withContentSriSync (cache, integrity, fn) { + const sri = ssri.parse(integrity) + // If `integrity` has multiple entries, pick the first digest + // with available local data. + const algo = sri.pickAlgorithm() + const digests = sri[algo] + if (digests.length <= 1) { + const cpath = contentPath(cache, digests[0]) + return fn(cpath, digests[0]) + } else { + let lastErr = null + for (const meta of sri[sri.pickAlgorithm()]) { + try { + return withContentSriSync(cache, meta, fn) + } catch (err) { + lastErr = err + } + } + if (lastErr) { throw lastErr } + } +} + +function sizeError (expected, found) { + var err = new Error(Y`Bad data size: expected inserted data to be ${expected} bytes, but got ${found} instead`) + err.expected = expected + err.found = found + err.code = 'EBADSIZE' + return err +} + +function integrityError (sri, path) { + var err = new Error(Y`Integrity verification failed for ${sri} (${path})`) + err.code = 'EINTEGRITY' + err.sri = sri + err.path = path + return err +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/content/rm.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/content/rm.js new file mode 100644 index 0000000000000..12cf1582358dd --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/content/rm.js @@ -0,0 +1,21 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./path') +const hasContent = require('./read').hasContent +const rimraf = BB.promisify(require('rimraf')) + +module.exports = rm +function rm (cache, integrity) { + return hasContent(cache, integrity).then(content => { + if (content) { + const sri = content.sri + if (sri) { + return rimraf(contentPath(cache, sri)).then(() => true) + } + } else { + return false + } + }) +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/content/write.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/content/write.js new file mode 100644 index 0000000000000..4d96a3cffe1f1 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/content/write.js @@ -0,0 +1,164 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./path') +const fixOwner = require('../util/fix-owner') +const fs = require('graceful-fs') +const moveFile = require('../util/move-file') +const PassThrough = require('stream').PassThrough +const path = require('path') +const pipe = BB.promisify(require('mississippi').pipe) +const rimraf = BB.promisify(require('rimraf')) +const ssri = require('ssri') +const to = require('mississippi').to +const uniqueFilename = require('unique-filename') +const Y = require('../util/y.js') + +const writeFileAsync = BB.promisify(fs.writeFile) + +module.exports = write +function write (cache, data, opts) { + opts = opts || {} + if (opts.algorithms && opts.algorithms.length > 1) { + throw new Error( + Y`opts.algorithms only supports a single algorithm for now` + ) + } + if (typeof opts.size === 'number' && data.length !== opts.size) { + return BB.reject(sizeError(opts.size, data.length)) + } + const sri = ssri.fromData(data, { + algorithms: opts.algorithms + }) + if (opts.integrity && !ssri.checkData(data, opts.integrity, opts)) { + return BB.reject(checksumError(opts.integrity, sri)) + } + return BB.using(makeTmp(cache, opts), tmp => ( + writeFileAsync( + tmp.target, data, { flag: 'wx' } + ).then(() => ( + moveToDestination(tmp, cache, sri, opts) + )) + )).then(() => ({ integrity: sri, size: data.length })) +} + +module.exports.stream = writeStream +function writeStream (cache, opts) { + opts = opts || {} + const inputStream = new PassThrough() + let inputErr = false + function errCheck () { + if (inputErr) { throw inputErr } + } + + let allDone + const ret = to((c, n, cb) => { + if (!allDone) { + allDone = handleContent(inputStream, cache, opts, errCheck) + } + inputStream.write(c, n, cb) + }, cb => { + inputStream.end(() => { + if (!allDone) { + const e = new Error(Y`Cache input stream was empty`) + e.code = 'ENODATA' + return ret.emit('error', e) + } + allDone.then(res => { + res.integrity && ret.emit('integrity', res.integrity) + res.size !== null && ret.emit('size', res.size) + cb() + }, e => { + ret.emit('error', e) + }) + }) + }) + ret.once('error', e => { + inputErr = e + }) + return ret +} + +function handleContent (inputStream, cache, opts, errCheck) { + return BB.using(makeTmp(cache, opts), tmp => { + errCheck() + return pipeToTmp( + inputStream, cache, tmp.target, opts, errCheck + ).then(res => { + return moveToDestination( + tmp, cache, res.integrity, opts, errCheck + ).then(() => res) + }) + }) +} + +function pipeToTmp (inputStream, cache, tmpTarget, opts, errCheck) { + return BB.resolve().then(() => { + let integrity + let size + const hashStream = ssri.integrityStream({ + integrity: opts.integrity, + algorithms: opts.algorithms, + size: opts.size + }).on('integrity', s => { + integrity = s + }).on('size', s => { + size = s + }) + const outStream = fs.createWriteStream(tmpTarget, { + flags: 'wx' + }) + errCheck() + return pipe(inputStream, hashStream, outStream).then(() => { + return { integrity, size } + }).catch(err => { + return rimraf(tmpTarget).then(() => { throw err }) + }) + }) +} + +function makeTmp (cache, opts) { + const tmpTarget = uniqueFilename(path.join(cache, 'tmp'), opts.tmpPrefix) + return fixOwner.mkdirfix( + cache, path.dirname(tmpTarget) + ).then(() => ({ + target: tmpTarget, + moved: false + })).disposer(tmp => (!tmp.moved && rimraf(tmp.target))) +} + +function moveToDestination (tmp, cache, sri, opts, errCheck) { + errCheck && errCheck() + const destination = contentPath(cache, sri) + const destDir = path.dirname(destination) + + return fixOwner.mkdirfix( + cache, destDir + ).then(() => { + errCheck && errCheck() + return moveFile(tmp.target, destination) + }).then(() => { + errCheck && errCheck() + tmp.moved = true + return fixOwner.chownr(cache, destination) + }) +} + +function sizeError (expected, found) { + var err = new Error(Y`Bad data size: expected inserted data to be ${expected} bytes, but got ${found} instead`) + err.expected = expected + err.found = found + err.code = 'EBADSIZE' + return err +} + +function checksumError (expected, found) { + var err = new Error(Y`Integrity check failed: + Wanted: ${expected} + Found: ${found}`) + err.code = 'EINTEGRITY' + err.expected = expected + err.found = found + return err +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/entry-index.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/entry-index.js new file mode 100644 index 0000000000000..dee1824b1d091 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/entry-index.js @@ -0,0 +1,288 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./content/path') +const crypto = require('crypto') +const figgyPudding = require('figgy-pudding') +const fixOwner = require('./util/fix-owner') +const fs = require('graceful-fs') +const hashToSegments = require('./util/hash-to-segments') +const ms = require('mississippi') +const path = require('path') +const ssri = require('ssri') +const Y = require('./util/y.js') + +const indexV = require('../package.json')['cache-version'].index + +const appendFileAsync = BB.promisify(fs.appendFile) +const readFileAsync = BB.promisify(fs.readFile) +const readdirAsync = BB.promisify(fs.readdir) +const concat = ms.concat +const from = ms.from + +module.exports.NotFoundError = class NotFoundError extends Error { + constructor (cache, key) { + super(Y`No cache entry for \`${key}\` found in \`${cache}\``) + this.code = 'ENOENT' + this.cache = cache + this.key = key + } +} + +const IndexOpts = figgyPudding({ + metadata: {}, + size: {} +}) + +module.exports.insert = insert +function insert (cache, key, integrity, opts) { + opts = IndexOpts(opts) + const bucket = bucketPath(cache, key) + const entry = { + key, + integrity: integrity && ssri.stringify(integrity), + time: Date.now(), + size: opts.size, + metadata: opts.metadata + } + return fixOwner.mkdirfix( + cache, path.dirname(bucket) + ).then(() => { + const stringified = JSON.stringify(entry) + // NOTE - Cleverness ahoy! + // + // This works because it's tremendously unlikely for an entry to corrupt + // another while still preserving the string length of the JSON in + // question. So, we just slap the length in there and verify it on read. + // + // Thanks to @isaacs for the whiteboarding session that ended up with this. + return appendFileAsync( + bucket, `\n${hashEntry(stringified)}\t${stringified}` + ) + }).then( + () => fixOwner.chownr(cache, bucket) + ).catch({ code: 'ENOENT' }, () => { + // There's a class of race conditions that happen when things get deleted + // during fixOwner, or between the two mkdirfix/chownr calls. + // + // It's perfectly fine to just not bother in those cases and lie + // that the index entry was written. Because it's a cache. + }).then(() => { + return formatEntry(cache, entry) + }) +} + +module.exports.insert.sync = insertSync +function insertSync (cache, key, integrity, opts) { + opts = IndexOpts(opts) + const bucket = bucketPath(cache, key) + const entry = { + key, + integrity: integrity && ssri.stringify(integrity), + time: Date.now(), + size: opts.size, + metadata: opts.metadata + } + fixOwner.mkdirfix.sync(cache, path.dirname(bucket)) + const stringified = JSON.stringify(entry) + fs.appendFileSync( + bucket, `\n${hashEntry(stringified)}\t${stringified}` + ) + try { + fixOwner.chownr.sync(cache, bucket) + } catch (err) { + if (err.code !== 'ENOENT') { + throw err + } + } + return formatEntry(cache, entry) +} + +module.exports.find = find +function find (cache, key) { + const bucket = bucketPath(cache, key) + return bucketEntries(bucket).then(entries => { + return entries.reduce((latest, next) => { + if (next && next.key === key) { + return formatEntry(cache, next) + } else { + return latest + } + }, null) + }).catch(err => { + if (err.code === 'ENOENT') { + return null + } else { + throw err + } + }) +} + +module.exports.find.sync = findSync +function findSync (cache, key) { + const bucket = bucketPath(cache, key) + try { + return bucketEntriesSync(bucket).reduce((latest, next) => { + if (next && next.key === key) { + return formatEntry(cache, next) + } else { + return latest + } + }, null) + } catch (err) { + if (err.code === 'ENOENT') { + return null + } else { + throw err + } + } +} + +module.exports.delete = del +function del (cache, key, opts) { + return insert(cache, key, null, opts) +} + +module.exports.delete.sync = delSync +function delSync (cache, key, opts) { + return insertSync(cache, key, null, opts) +} + +module.exports.lsStream = lsStream +function lsStream (cache) { + const indexDir = bucketDir(cache) + const stream = from.obj() + + // "/cachename/*" + readdirOrEmpty(indexDir).map(bucket => { + const bucketPath = path.join(indexDir, bucket) + + // "/cachename//*" + return readdirOrEmpty(bucketPath).map(subbucket => { + const subbucketPath = path.join(bucketPath, subbucket) + + // "/cachename///*" + return readdirOrEmpty(subbucketPath).map(entry => { + const getKeyToEntry = bucketEntries( + path.join(subbucketPath, entry) + ).reduce((acc, entry) => { + acc.set(entry.key, entry) + return acc + }, new Map()) + + return getKeyToEntry.then(reduced => { + for (let entry of reduced.values()) { + const formatted = formatEntry(cache, entry) + formatted && stream.push(formatted) + } + }).catch({ code: 'ENOENT' }, nop) + }) + }) + }).then(() => { + stream.push(null) + }, err => { + stream.emit('error', err) + }) + + return stream +} + +module.exports.ls = ls +function ls (cache) { + return BB.fromNode(cb => { + lsStream(cache).on('error', cb).pipe(concat(entries => { + cb(null, entries.reduce((acc, xs) => { + acc[xs.key] = xs + return acc + }, {})) + })) + }) +} + +function bucketEntries (bucket, filter) { + return readFileAsync( + bucket, 'utf8' + ).then(data => _bucketEntries(data, filter)) +} + +function bucketEntriesSync (bucket, filter) { + const data = fs.readFileSync(bucket, 'utf8') + return _bucketEntries(data, filter) +} + +function _bucketEntries (data, filter) { + let entries = [] + data.split('\n').forEach(entry => { + if (!entry) { return } + const pieces = entry.split('\t') + if (!pieces[1] || hashEntry(pieces[1]) !== pieces[0]) { + // Hash is no good! Corruption or malice? Doesn't matter! + // EJECT EJECT + return + } + let obj + try { + obj = JSON.parse(pieces[1]) + } catch (e) { + // Entry is corrupted! + return + } + if (obj) { + entries.push(obj) + } + }) + return entries +} + +module.exports._bucketDir = bucketDir +function bucketDir (cache) { + return path.join(cache, `index-v${indexV}`) +} + +module.exports._bucketPath = bucketPath +function bucketPath (cache, key) { + const hashed = hashKey(key) + return path.join.apply(path, [bucketDir(cache)].concat( + hashToSegments(hashed) + )) +} + +module.exports._hashKey = hashKey +function hashKey (key) { + return hash(key, 'sha256') +} + +module.exports._hashEntry = hashEntry +function hashEntry (str) { + return hash(str, 'sha1') +} + +function hash (str, digest) { + return crypto + .createHash(digest) + .update(str) + .digest('hex') +} + +function formatEntry (cache, entry) { + // Treat null digests as deletions. They'll shadow any previous entries. + if (!entry.integrity) { return null } + return { + key: entry.key, + integrity: entry.integrity, + path: contentPath(cache, entry.integrity), + size: entry.size, + time: entry.time, + metadata: entry.metadata + } +} + +function readdirOrEmpty (dir) { + return readdirAsync(dir) + .catch({ code: 'ENOENT' }, () => []) + .catch({ code: 'ENOTDIR' }, () => []) +} + +function nop () { +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/memoization.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/memoization.js new file mode 100644 index 0000000000000..92179c7ac6afc --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/memoization.js @@ -0,0 +1,69 @@ +'use strict' + +const LRU = require('lru-cache') + +const MAX_SIZE = 50 * 1024 * 1024 // 50MB +const MAX_AGE = 3 * 60 * 1000 + +let MEMOIZED = new LRU({ + max: MAX_SIZE, + maxAge: MAX_AGE, + length: (entry, key) => { + if (key.startsWith('key:')) { + return entry.data.length + } else if (key.startsWith('digest:')) { + return entry.length + } + } +}) + +module.exports.clearMemoized = clearMemoized +function clearMemoized () { + const old = {} + MEMOIZED.forEach((v, k) => { + old[k] = v + }) + MEMOIZED.reset() + return old +} + +module.exports.put = put +function put (cache, entry, data, opts) { + pickMem(opts).set(`key:${cache}:${entry.key}`, { entry, data }) + putDigest(cache, entry.integrity, data, opts) +} + +module.exports.put.byDigest = putDigest +function putDigest (cache, integrity, data, opts) { + pickMem(opts).set(`digest:${cache}:${integrity}`, data) +} + +module.exports.get = get +function get (cache, key, opts) { + return pickMem(opts).get(`key:${cache}:${key}`) +} + +module.exports.get.byDigest = getDigest +function getDigest (cache, integrity, opts) { + return pickMem(opts).get(`digest:${cache}:${integrity}`) +} + +class ObjProxy { + constructor (obj) { + this.obj = obj + } + get (key) { return this.obj[key] } + set (key, val) { this.obj[key] = val } +} + +function pickMem (opts) { + if (!opts || !opts.memoize) { + return MEMOIZED + } else if (opts.memoize.get && opts.memoize.set) { + return opts.memoize + } else if (typeof opts.memoize === 'object') { + return new ObjProxy(opts.memoize) + } else { + return MEMOIZED + } +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/util/fix-owner.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/fix-owner.js new file mode 100644 index 0000000000000..7eb9befe599b7 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/fix-owner.js @@ -0,0 +1,122 @@ +'use strict' + +const BB = require('bluebird') + +const chownr = BB.promisify(require('chownr')) +const mkdirp = BB.promisify(require('mkdirp')) +const inflight = require('promise-inflight') +const inferOwner = require('./infer-owner.js') + +// Memoize getuid()/getgid() calls. +// patch process.setuid/setgid to invalidate cached value on change +const self = { uid: null, gid: null } +const getSelf = () => { + if (typeof self.uid !== 'number') { + self.uid = process.getuid() + const setuid = process.setuid + process.setuid = (uid) => { + self.uid = null + process.setuid = setuid + return process.setuid(uid) + } + } + if (typeof self.gid !== 'number') { + self.gid = process.getgid() + const setgid = process.setgid + process.setgid = (gid) => { + self.gid = null + process.setgid = setgid + return process.setgid(gid) + } + } +} + +module.exports.chownr = fixOwner +function fixOwner (cache, filepath) { + if (!process.getuid) { + // This platform doesn't need ownership fixing + return BB.resolve() + } + return inferOwner(cache).then(owner => { + const { uid, gid } = owner + getSelf() + + // No need to override if it's already what we used. + if (self.uid === uid && self.gid === gid) { + return + } + + return inflight( + 'fixOwner: fixing ownership on ' + filepath, + () => chownr( + filepath, + typeof uid === 'number' ? uid : self.uid, + typeof gid === 'number' ? gid : self.gid + ).catch({ code: 'ENOENT' }, () => null) + ) + }) +} + +module.exports.chownr.sync = fixOwnerSync +function fixOwnerSync (cache, filepath) { + if (!process.getuid) { + // This platform doesn't need ownership fixing + return + } + const { uid, gid } = inferOwner.sync(cache) + getSelf() + if (self.uid === uid && self.gid === gid) { + // No need to override if it's already what we used. + return + } + try { + chownr.sync( + filepath, + typeof uid === 'number' ? uid : self.uid, + typeof gid === 'number' ? gid : self.gid + ) + } catch (err) { + // only catch ENOENT, any other error is a problem. + if (err.code === 'ENOENT') { + return null + } + throw err + } +} + +module.exports.mkdirfix = mkdirfix +function mkdirfix (cache, p, cb) { + // we have to infer the owner _before_ making the directory, even though + // we aren't going to use the results, since the cache itself might not + // exist yet. If we mkdirp it, then our current uid/gid will be assumed + // to be correct if it creates the cache folder in the process. + return inferOwner(cache).then(() => { + return mkdirp(p).then(made => { + if (made) { + return fixOwner(cache, made).then(() => made) + } + }).catch({ code: 'EEXIST' }, () => { + // There's a race in mkdirp! + return fixOwner(cache, p).then(() => null) + }) + }) +} + +module.exports.mkdirfix.sync = mkdirfixSync +function mkdirfixSync (cache, p) { + try { + inferOwner.sync(cache) + const made = mkdirp.sync(p) + if (made) { + fixOwnerSync(cache, made) + return made + } + } catch (err) { + if (err.code === 'EEXIST') { + fixOwnerSync(cache, p) + return null + } else { + throw err + } + } +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/util/hash-to-segments.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/hash-to-segments.js new file mode 100644 index 0000000000000..192be2a6d650a --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/hash-to-segments.js @@ -0,0 +1,11 @@ +'use strict' + +module.exports = hashToSegments + +function hashToSegments (hash) { + return [ + hash.slice(0, 2), + hash.slice(2, 4), + hash.slice(4) + ] +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/util/infer-owner.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/infer-owner.js new file mode 100644 index 0000000000000..17e423d57f369 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/infer-owner.js @@ -0,0 +1,80 @@ +'use strict' + +// This is only called by lib/util/fix-owner.js +// +// Get the uid/gid from the cache folder itself, not from +// settings being passed in. Too flaky otherwise, because the +// opts baton has to be passed properrly through half a dozen +// different modules. +// +// This module keeps a Map of cache=>{uid,gid}. If not in the map, +// then stat the folder, then the parent, ..., until it finds a folder +// that exists, and use that folder's uid and gid as the owner. +// +// If we don't have getuid/getgid, then this never gets called. + +const BB = require('bluebird') +const fs = require('fs') +const lstat = BB.promisify(fs.lstat) +const lstatSync = fs.lstatSync +const { dirname } = require('path') +const inflight = require('promise-inflight') + +const cacheToOwner = new Map() + +const inferOwner = cache => { + if (cacheToOwner.has(cache)) { + // already inferred it + return BB.resolve(cacheToOwner.get(cache)) + } + + const statThen = st => { + const { uid, gid } = st + cacheToOwner.set(cache, { uid, gid }) + return { uid, gid } + } + // check the parent if the cache itself fails + // likely it does not exist yet. + const parent = dirname(cache) + const parentTrap = parent === cache ? null : er => { + return inferOwner(parent).then((owner) => { + cacheToOwner.set(cache, owner) + return owner + }) + } + return lstat(cache).then(statThen, parentTrap) +} + +const inferOwnerSync = cache => { + if (cacheToOwner.has(cache)) { + // already inferred it + return cacheToOwner.get(cache) + } + + // the parent we'll check if it doesn't exist yet + const parent = dirname(cache) + // avoid obscuring call site by re-throwing + // "catch" the error by returning from a finally, + // only if we're not at the root, and the parent call works. + let threw = true + try { + const st = lstatSync(cache) + threw = false + const { uid, gid } = st + cacheToOwner.set(cache, { uid, gid }) + return { uid, gid } + } finally { + if (threw && parent !== cache) { + const owner = inferOwnerSync(parent) + cacheToOwner.set(cache, owner) + return owner // eslint-disable-line no-unsafe-finally + } + } +} + +module.exports = cache => inflight( + 'inferOwner: detecting ownership of ' + cache, + () => inferOwner(cache) +) + +module.exports.sync = inferOwnerSync diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/util/move-file.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/move-file.js new file mode 100644 index 0000000000000..b43744b3da867 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/move-file.js @@ -0,0 +1,51 @@ +'use strict' + +const fs = require('graceful-fs') +const BB = require('bluebird') +const chmod = BB.promisify(fs.chmod) +const unlink = BB.promisify(fs.unlink) +let move +let pinflight + +module.exports = moveFile +function moveFile (src, dest) { + // This isn't quite an fs.rename -- the assumption is that + // if `dest` already exists, and we get certain errors while + // trying to move it, we should just not bother. + // + // In the case of cache corruption, users will receive an + // EINTEGRITY error elsewhere, and can remove the offending + // content their own way. + // + // Note that, as the name suggests, this strictly only supports file moves. + return BB.fromNode(cb => { + fs.link(src, dest, err => { + if (err) { + if (err.code === 'EEXIST' || err.code === 'EBUSY') { + // file already exists, so whatever + } else if (err.code === 'EPERM' && process.platform === 'win32') { + // file handle stayed open even past graceful-fs limits + } else { + return cb(err) + } + } + return cb() + }) + }).then(() => { + // content should never change for any reason, so make it read-only + return BB.join(unlink(src), process.platform !== 'win32' && chmod(dest, '0444')) + }).catch(() => { + if (!pinflight) { pinflight = require('promise-inflight') } + return pinflight('cacache-move-file:' + dest, () => { + return BB.promisify(fs.stat)(dest).catch(err => { + if (err.code !== 'ENOENT') { + // Something else is wrong here. Bail bail bail + throw err + } + // file doesn't already exist! let's try a rename -> copy fallback + if (!move) { move = require('move-concurrently') } + return move(src, dest, { BB, fs }) + }) + }) + }) +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/util/tmp.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/tmp.js new file mode 100644 index 0000000000000..78494b8eae712 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/tmp.js @@ -0,0 +1,37 @@ +'use strict' + +const BB = require('bluebird') + +const figgyPudding = require('figgy-pudding') +const fixOwner = require('./fix-owner') +const path = require('path') +const rimraf = BB.promisify(require('rimraf')) +const uniqueFilename = require('unique-filename') + +const TmpOpts = figgyPudding({ + tmpPrefix: {} +}) + +module.exports.mkdir = mktmpdir +function mktmpdir (cache, opts) { + opts = TmpOpts(opts) + const tmpTarget = uniqueFilename(path.join(cache, 'tmp'), opts.tmpPrefix) + return fixOwner.mkdirfix(cache, tmpTarget).then(() => { + return tmpTarget + }) +} + +module.exports.withTmp = withTmp +function withTmp (cache, opts, cb) { + if (!cb) { + cb = opts + opts = null + } + opts = TmpOpts(opts) + return BB.using(mktmpdir(cache, opts).disposer(rimraf), cb) +} + +module.exports.fix = fixtmpdir +function fixtmpdir (cache) { + return fixOwner(cache, path.join(cache, 'tmp')) +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/util/y.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/y.js new file mode 100644 index 0000000000000..d62bedacb32a2 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/util/y.js @@ -0,0 +1,25 @@ +'use strict' + +const path = require('path') +const y18n = require('y18n')({ + directory: path.join(__dirname, '../../locales'), + locale: 'en', + updateFiles: process.env.CACACHE_UPDATE_LOCALE_FILES === 'true' +}) + +module.exports = yTag +function yTag (parts) { + let str = '' + parts.forEach((part, i) => { + const arg = arguments[i + 1] + str += part + if (arg) { + str += '%s' + } + }) + return y18n.__.apply(null, [str].concat([].slice.call(arguments, 1))) +} + +module.exports.setLocale = locale => { + y18n.setLocale(locale) +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/lib/verify.js b/node_modules/make-fetch-happen/node_modules/cacache/lib/verify.js new file mode 100644 index 0000000000000..617d38db12c33 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/lib/verify.js @@ -0,0 +1,227 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./content/path') +const figgyPudding = require('figgy-pudding') +const finished = BB.promisify(require('mississippi').finished) +const fixOwner = require('./util/fix-owner') +const fs = require('graceful-fs') +const glob = BB.promisify(require('glob')) +const index = require('./entry-index') +const path = require('path') +const rimraf = BB.promisify(require('rimraf')) +const ssri = require('ssri') + +BB.promisifyAll(fs) + +const VerifyOpts = figgyPudding({ + concurrency: { + default: 20 + }, + filter: {}, + log: { + default: { silly () {} } + } +}) + +module.exports = verify +function verify (cache, opts) { + opts = VerifyOpts(opts) + opts.log.silly('verify', 'verifying cache at', cache) + return BB.reduce([ + markStartTime, + fixPerms, + garbageCollect, + rebuildIndex, + cleanTmp, + writeVerifile, + markEndTime + ], (stats, step, i) => { + const label = step.name || `step #${i}` + const start = new Date() + return BB.resolve(step(cache, opts)).then(s => { + s && Object.keys(s).forEach(k => { + stats[k] = s[k] + }) + const end = new Date() + if (!stats.runTime) { stats.runTime = {} } + stats.runTime[label] = end - start + return stats + }) + }, {}).tap(stats => { + stats.runTime.total = stats.endTime - stats.startTime + opts.log.silly('verify', 'verification finished for', cache, 'in', `${stats.runTime.total}ms`) + }) +} + +function markStartTime (cache, opts) { + return { startTime: new Date() } +} + +function markEndTime (cache, opts) { + return { endTime: new Date() } +} + +function fixPerms (cache, opts) { + opts.log.silly('verify', 'fixing cache permissions') + return fixOwner.mkdirfix(cache, cache).then(() => { + // TODO - fix file permissions too + return fixOwner.chownr(cache, cache) + }).then(() => null) +} + +// Implements a naive mark-and-sweep tracing garbage collector. +// +// The algorithm is basically as follows: +// 1. Read (and filter) all index entries ("pointers") +// 2. Mark each integrity value as "live" +// 3. Read entire filesystem tree in `content-vX/` dir +// 4. If content is live, verify its checksum and delete it if it fails +// 5. If content is not marked as live, rimraf it. +// +function garbageCollect (cache, opts) { + opts.log.silly('verify', 'garbage collecting content') + const indexStream = index.lsStream(cache) + const liveContent = new Set() + indexStream.on('data', entry => { + if (opts.filter && !opts.filter(entry)) { return } + liveContent.add(entry.integrity.toString()) + }) + return finished(indexStream).then(() => { + const contentDir = contentPath._contentDir(cache) + return glob(path.join(contentDir, '**'), { + follow: false, + nodir: true, + nosort: true + }).then(files => { + return BB.resolve({ + verifiedContent: 0, + reclaimedCount: 0, + reclaimedSize: 0, + badContentCount: 0, + keptSize: 0 + }).tap((stats) => BB.map(files, (f) => { + const split = f.split(/[/\\]/) + const digest = split.slice(split.length - 3).join('') + const algo = split[split.length - 4] + const integrity = ssri.fromHex(digest, algo) + if (liveContent.has(integrity.toString())) { + return verifyContent(f, integrity).then(info => { + if (!info.valid) { + stats.reclaimedCount++ + stats.badContentCount++ + stats.reclaimedSize += info.size + } else { + stats.verifiedContent++ + stats.keptSize += info.size + } + return stats + }) + } else { + // No entries refer to this content. We can delete. + stats.reclaimedCount++ + return fs.statAsync(f).then(s => { + return rimraf(f).then(() => { + stats.reclaimedSize += s.size + return stats + }) + }) + } + }, { concurrency: opts.concurrency })) + }) + }) +} + +function verifyContent (filepath, sri) { + return fs.statAsync(filepath).then(stat => { + const contentInfo = { + size: stat.size, + valid: true + } + return ssri.checkStream( + fs.createReadStream(filepath), + sri + ).catch(err => { + if (err.code !== 'EINTEGRITY') { throw err } + return rimraf(filepath).then(() => { + contentInfo.valid = false + }) + }).then(() => contentInfo) + }).catch({ code: 'ENOENT' }, () => ({ size: 0, valid: false })) +} + +function rebuildIndex (cache, opts) { + opts.log.silly('verify', 'rebuilding index') + return index.ls(cache).then(entries => { + const stats = { + missingContent: 0, + rejectedEntries: 0, + totalEntries: 0 + } + const buckets = {} + for (let k in entries) { + if (entries.hasOwnProperty(k)) { + const hashed = index._hashKey(k) + const entry = entries[k] + const excluded = opts.filter && !opts.filter(entry) + excluded && stats.rejectedEntries++ + if (buckets[hashed] && !excluded) { + buckets[hashed].push(entry) + } else if (buckets[hashed] && excluded) { + // skip + } else if (excluded) { + buckets[hashed] = [] + buckets[hashed]._path = index._bucketPath(cache, k) + } else { + buckets[hashed] = [entry] + buckets[hashed]._path = index._bucketPath(cache, k) + } + } + } + return BB.map(Object.keys(buckets), key => { + return rebuildBucket(cache, buckets[key], stats, opts) + }, { concurrency: opts.concurrency }).then(() => stats) + }) +} + +function rebuildBucket (cache, bucket, stats, opts) { + return fs.truncateAsync(bucket._path).then(() => { + // This needs to be serialized because cacache explicitly + // lets very racy bucket conflicts clobber each other. + return BB.mapSeries(bucket, entry => { + const content = contentPath(cache, entry.integrity) + return fs.statAsync(content).then(() => { + return index.insert(cache, entry.key, entry.integrity, { + metadata: entry.metadata, + size: entry.size + }).then(() => { stats.totalEntries++ }) + }).catch({ code: 'ENOENT' }, () => { + stats.rejectedEntries++ + stats.missingContent++ + }) + }) + }) +} + +function cleanTmp (cache, opts) { + opts.log.silly('verify', 'cleaning tmp directory') + return rimraf(path.join(cache, 'tmp')) +} + +function writeVerifile (cache, opts) { + const verifile = path.join(cache, '_lastverified') + opts.log.silly('verify', 'writing verifile to ' + verifile) + try { + return fs.writeFileAsync(verifile, '' + (+(new Date()))) + } finally { + fixOwner.chownr.sync(cache, verifile) + } +} + +module.exports.lastRun = lastRun +function lastRun (cache) { + return fs.readFileAsync( + path.join(cache, '_lastverified'), 'utf8' + ).then(data => new Date(+data)) +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/locales/en.js b/node_modules/make-fetch-happen/node_modules/cacache/locales/en.js new file mode 100644 index 0000000000000..1715fdb53cd3f --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/locales/en.js @@ -0,0 +1,47 @@ +'use strict' + +const ls = require('../ls.js') +const get = require('../get.js') +const put = require('../put.js') +const rm = require('../rm.js') +const verify = require('../verify.js') +const setLocale = require('../lib/util/y.js').setLocale +const clearMemoized = require('../lib/memoization.js').clearMemoized +const tmp = require('../lib/util/tmp.js') + +setLocale('en') + +const x = module.exports + +x.ls = cache => ls(cache) +x.ls.stream = cache => ls.stream(cache) + +x.get = (cache, key, opts) => get(cache, key, opts) +x.get.byDigest = (cache, hash, opts) => get.byDigest(cache, hash, opts) +x.get.sync = (cache, key, opts) => get.sync(cache, key, opts) +x.get.sync.byDigest = (cache, key, opts) => get.sync.byDigest(cache, key, opts) +x.get.stream = (cache, key, opts) => get.stream(cache, key, opts) +x.get.stream.byDigest = (cache, hash, opts) => get.stream.byDigest(cache, hash, opts) +x.get.copy = (cache, key, dest, opts) => get.copy(cache, key, dest, opts) +x.get.copy.byDigest = (cache, hash, dest, opts) => get.copy.byDigest(cache, hash, dest, opts) +x.get.info = (cache, key) => get.info(cache, key) +x.get.hasContent = (cache, hash) => get.hasContent(cache, hash) +x.get.hasContent.sync = (cache, hash) => get.hasContent.sync(cache, hash) + +x.put = (cache, key, data, opts) => put(cache, key, data, opts) +x.put.stream = (cache, key, opts) => put.stream(cache, key, opts) + +x.rm = (cache, key) => rm.entry(cache, key) +x.rm.all = cache => rm.all(cache) +x.rm.entry = x.rm +x.rm.content = (cache, hash) => rm.content(cache, hash) + +x.setLocale = lang => setLocale(lang) +x.clearMemoized = () => clearMemoized() + +x.tmp = {} +x.tmp.mkdir = (cache, opts) => tmp.mkdir(cache, opts) +x.tmp.withTmp = (cache, opts, cb) => tmp.withTmp(cache, opts, cb) + +x.verify = (cache, opts) => verify(cache, opts) +x.verify.lastRun = cache => verify.lastRun(cache) diff --git a/node_modules/make-fetch-happen/node_modules/cacache/locales/en.json b/node_modules/make-fetch-happen/node_modules/cacache/locales/en.json new file mode 100644 index 0000000000000..4f145288408ec --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/locales/en.json @@ -0,0 +1,7 @@ +{ + "No cache entry for `%s` found in `%s`": "No cache entry for %s found in %s", + "Integrity verification failed for %s (%s)": "Integrity verification failed for %s (%s)", + "Bad data size: expected inserted data to be %s bytes, but got %s instead": "Bad data size: expected inserted data to be %s bytes, but got %s instead", + "Cache input stream was empty": "Cache input stream was empty", + "Integrity check failed:\n Wanted: %s\n Found: %s": "Integrity check failed:\n Wanted: %s\n Found: %s" +} \ No newline at end of file diff --git a/node_modules/make-fetch-happen/node_modules/cacache/locales/es.js b/node_modules/make-fetch-happen/node_modules/cacache/locales/es.js new file mode 100644 index 0000000000000..ac4e4cfe7d2f4 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/locales/es.js @@ -0,0 +1,49 @@ +'use strict' + +const ls = require('../ls.js') +const get = require('../get.js') +const put = require('../put.js') +const rm = require('../rm.js') +const verify = require('../verify.js') +const setLocale = require('../lib/util/y.js').setLocale +const clearMemoized = require('../lib/memoization.js').clearMemoized +const tmp = require('../lib/util/tmp.js') + +setLocale('es') + +const x = module.exports + +x.ls = cache => ls(cache) +x.ls.flujo = cache => ls.stream(cache) + +x.saca = (cache, clave, ops) => get(cache, clave, ops) +x.saca.porHacheo = (cache, hacheo, ops) => get.byDigest(cache, hacheo, ops) +x.saca.sinc = (cache, clave, ops) => get.sync(cache, clave, ops) +x.saca.sinc.porHacheo = (cache, hacheo, ops) => get.sync.byDigest(cache, hacheo, ops) +x.saca.flujo = (cache, clave, ops) => get.stream(cache, clave, ops) +x.saca.flujo.porHacheo = (cache, hacheo, ops) => get.stream.byDigest(cache, hacheo, ops) +x.sava.copia = (cache, clave, destino, opts) => get.copy(cache, clave, destino, opts) +x.sava.copia.porHacheo = (cache, hacheo, destino, opts) => get.copy.byDigest(cache, hacheo, destino, opts) +x.saca.info = (cache, clave) => get.info(cache, clave) +x.saca.tieneDatos = (cache, hacheo) => get.hasContent(cache, hacheo) +x.saca.tieneDatos.sinc = (cache, hacheo) => get.hasContent.sync(cache, hacheo) + +x.mete = (cache, clave, datos, ops) => put(cache, clave, datos, ops) +x.mete.flujo = (cache, clave, ops) => put.stream(cache, clave, ops) + +x.rm = (cache, clave) => rm.entry(cache, clave) +x.rm.todo = cache => rm.all(cache) +x.rm.entrada = x.rm +x.rm.datos = (cache, hacheo) => rm.content(cache, hacheo) + +x.ponLenguaje = lang => setLocale(lang) +x.limpiaMemoizado = () => clearMemoized() + +x.tmp = {} +x.tmp.mkdir = (cache, ops) => tmp.mkdir(cache, ops) +x.tmp.hazdir = x.tmp.mkdir +x.tmp.conTmp = (cache, ops, cb) => tmp.withTmp(cache, ops, cb) + +x.verifica = (cache, ops) => verify(cache, ops) +x.verifica.ultimaVez = cache => verify.lastRun(cache) +x.verifica.últimaVez = x.verifica.ultimaVez diff --git a/node_modules/make-fetch-happen/node_modules/cacache/locales/es.json b/node_modules/make-fetch-happen/node_modules/cacache/locales/es.json new file mode 100644 index 0000000000000..a91d76225b43f --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/locales/es.json @@ -0,0 +1,6 @@ +{ + "No cache entry for `%s` found in `%s`": "No existe ninguna entrada para «%s» en «%s»", + "Integrity verification failed for %s (%s)": "Verificación de integridad falló para «%s» (%s)", + "Bad data size: expected inserted data to be %s bytes, but got %s instead": "Tamaño incorrecto de datos: los datos insertados debieron haber sido %s octetos, pero fueron %s", + "Cache input stream was empty": "El stream de entrada al caché estaba vacío" +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/ls.js b/node_modules/make-fetch-happen/node_modules/cacache/ls.js new file mode 100644 index 0000000000000..9f49b388ac380 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/ls.js @@ -0,0 +1,6 @@ +'use strict' + +var index = require('./lib/entry-index') + +module.exports = index.ls +module.exports.stream = index.lsStream diff --git a/node_modules/make-fetch-happen/node_modules/cacache/package.json b/node_modules/make-fetch-happen/node_modules/cacache/package.json new file mode 100644 index 0000000000000..03dc26a861c88 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/package.json @@ -0,0 +1,125 @@ +{ + "_from": "cacache@^12.0.0", + "_id": "cacache@12.0.0", + "_inBundle": false, + "_integrity": "sha512-0baf1FhCp16LhN+xDJsOrSiaPDCTD3JegZptVmLDoEbFcT5aT+BeFGt3wcDU3olCP5tpTCXU5sv0+TsKWT9WGQ==", + "_location": "/make-fetch-happen/cacache", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "cacache@^12.0.0", + "name": "cacache", + "escapedName": "cacache", + "rawSpec": "^12.0.0", + "saveSpec": null, + "fetchSpec": "^12.0.0" + }, + "_requiredBy": [ + "/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/cacache/-/cacache-12.0.0.tgz", + "_shasum": "1ed91cc306312a53ad688b1563ce4c416faec564", + "_spec": "cacache@^12.0.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/make-fetch-happen", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/zkat/cacache/issues" + }, + "bundleDependencies": false, + "cache-version": { + "content": "2", + "index": "5" + }, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "contributors": [ + { + "name": "Charlotte Spencer", + "email": "charlottelaspencer@gmail.com" + }, + { + "name": "Rebecca Turner", + "email": "me@re-becca.org" + } + ], + "dependencies": { + "bluebird": "^3.5.5", + "chownr": "^1.1.1", + "figgy-pudding": "^3.5.1", + "glob": "^7.1.4", + "graceful-fs": "^4.1.15", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "mkdirp": "^0.5.1", + "move-concurrently": "^1.0.1", + "promise-inflight": "^1.0.1", + "rimraf": "^2.6.3", + "ssri": "^6.0.1", + "unique-filename": "^1.1.1", + "y18n": "^4.0.0" + }, + "deprecated": false, + "description": "Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache.", + "devDependencies": { + "benchmark": "^2.1.4", + "chalk": "^2.4.2", + "cross-env": "^5.1.4", + "require-inject": "^1.4.4", + "standard": "^12.0.1", + "standard-version": "^6.0.1", + "tacks": "^1.3.0", + "tap": "^12.7.0", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.9" + }, + "files": [ + "*.js", + "lib", + "locales" + ], + "homepage": "https://github.com/zkat/cacache#readme", + "keywords": [ + "cache", + "caching", + "content-addressable", + "sri", + "sri hash", + "subresource integrity", + "cache", + "storage", + "store", + "file store", + "filesystem", + "disk cache", + "disk storage" + ], + "license": "ISC", + "main": "index.js", + "name": "cacache", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/cacache.git" + }, + "scripts": { + "benchmarks": "node test/benchmarks", + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "cross-env CACACHE_UPDATE_LOCALE_FILES=true tap --coverage --nyc-arg=--all -J test/*.js", + "test-docker": "docker run -it --rm --name pacotest -v \"$PWD\":/tmp -w /tmp node:latest npm test", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "12.0.0" +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/put.js b/node_modules/make-fetch-happen/node_modules/cacache/put.js new file mode 100644 index 0000000000000..a400639303a44 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/put.js @@ -0,0 +1,86 @@ +'use strict' + +const figgyPudding = require('figgy-pudding') +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const write = require('./lib/content/write') +const to = require('mississippi').to + +const PutOpts = figgyPudding({ + algorithms: { + default: ['sha512'] + }, + integrity: {}, + memoize: {}, + metadata: {}, + pickAlgorithm: {}, + size: {}, + tmpPrefix: {}, + single: {}, + sep: {}, + error: {}, + strict: {} +}) + +module.exports = putData +function putData (cache, key, data, opts) { + opts = PutOpts(opts) + return write(cache, data, opts).then(res => { + return index.insert( + cache, key, res.integrity, opts.concat({ size: res.size }) + ).then(entry => { + if (opts.memoize) { + memo.put(cache, entry, data, opts) + } + return res.integrity + }) + }) +} + +module.exports.stream = putStream +function putStream (cache, key, opts) { + opts = PutOpts(opts) + let integrity + let size + const contentStream = write.stream( + cache, opts + ).on('integrity', int => { + integrity = int + }).on('size', s => { + size = s + }) + let memoData + let memoTotal = 0 + const stream = to((chunk, enc, cb) => { + contentStream.write(chunk, enc, () => { + if (opts.memoize) { + if (!memoData) { memoData = [] } + memoData.push(chunk) + memoTotal += chunk.length + } + cb() + }) + }, cb => { + contentStream.end(() => { + index.insert(cache, key, integrity, opts.concat({ size })).then(entry => { + if (opts.memoize) { + memo.put(cache, entry, Buffer.concat(memoData, memoTotal), opts) + } + stream.emit('integrity', integrity) + cb() + }) + }) + }) + let erred = false + stream.once('error', err => { + if (erred) { return } + erred = true + contentStream.emit('error', err) + }) + contentStream.once('error', err => { + if (erred) { return } + erred = true + stream.emit('error', err) + }) + return stream +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/rm.js b/node_modules/make-fetch-happen/node_modules/cacache/rm.js new file mode 100644 index 0000000000000..e71a1d27b4cf8 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/rm.js @@ -0,0 +1,28 @@ +'use strict' + +const BB = require('bluebird') + +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const path = require('path') +const rimraf = BB.promisify(require('rimraf')) +const rmContent = require('./lib/content/rm') + +module.exports = entry +module.exports.entry = entry +function entry (cache, key) { + memo.clearMemoized() + return index.delete(cache, key) +} + +module.exports.content = content +function content (cache, integrity) { + memo.clearMemoized() + return rmContent(cache, integrity) +} + +module.exports.all = all +function all (cache) { + memo.clearMemoized() + return rimraf(path.join(cache, '*(content-*|index-*)')) +} diff --git a/node_modules/make-fetch-happen/node_modules/cacache/verify.js b/node_modules/make-fetch-happen/node_modules/cacache/verify.js new file mode 100644 index 0000000000000..db7763d7afd07 --- /dev/null +++ b/node_modules/make-fetch-happen/node_modules/cacache/verify.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./lib/verify') diff --git a/node_modules/make-fetch-happen/package.json b/node_modules/make-fetch-happen/package.json index 9a2b8d75b7ec5..848f26c775761 100644 --- a/node_modules/make-fetch-happen/package.json +++ b/node_modules/make-fetch-happen/package.json @@ -1,26 +1,42 @@ { - "_from": "make-fetch-happen@^4.0.1", - "_id": "make-fetch-happen@4.0.2", + "_from": "make-fetch-happen@^5.0.0", + "_id": "make-fetch-happen@5.0.0", "_inBundle": false, - "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "_integrity": "sha512-nFr/vpL1Jc60etMVKeaLOqfGjMMb3tAHFVJWxHOFCFS04Zmd7kGlMxo0l1tzfhoQje0/UPnd0X8OeGUiXXnfPA==", "_location": "/make-fetch-happen", - "_phantomChildren": {}, + "_phantomChildren": { + "bluebird": "3.5.5", + "chownr": "1.1.2", + "figgy-pudding": "3.5.1", + "glob": "7.1.4", + "graceful-fs": "4.2.0", + "lru-cache": "5.1.1", + "mississippi": "3.0.0", + "mkdirp": "0.5.1", + "move-concurrently": "1.0.1", + "promise-inflight": "1.0.1", + "rimraf": "2.6.3", + "ssri": "6.0.1", + "unique-filename": "1.1.1", + "y18n": "4.0.0" + }, "_requested": { "type": "range", "registry": true, - "raw": "make-fetch-happen@^4.0.1", + "raw": "make-fetch-happen@^5.0.0", "name": "make-fetch-happen", "escapedName": "make-fetch-happen", - "rawSpec": "^4.0.1", + "rawSpec": "^5.0.0", "saveSpec": null, - "fetchSpec": "^4.0.1" + "fetchSpec": "^5.0.0" }, "_requiredBy": [ - "/pacote" + "/pacote", + "/pacote/npm-registry-fetch" ], - "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", - "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", - "_spec": "make-fetch-happen@^4.0.1", + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-5.0.0.tgz", + "_shasum": "a8e3fe41d3415dd656fe7b8e8172e1fb4458b38d", + "_spec": "make-fetch-happen@^5.0.0", "_where": "/Users/isaacs/dev/npm/cli/node_modules/pacote", "author": { "name": "Kat Marchán", @@ -32,7 +48,7 @@ "bundleDependencies": false, "dependencies": { "agentkeepalive": "^3.4.1", - "cacache": "^11.3.3", + "cacache": "^12.0.0", "http-cache-semantics": "^3.8.1", "http-proxy-agent": "^2.1.0", "https-proxy-agent": "^2.2.1", @@ -90,5 +106,5 @@ "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" }, - "version": "4.0.2" + "version": "5.0.0" } diff --git a/node_modules/npm-profile/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/npm-profile/node_modules/make-fetch-happen/CHANGELOG.md new file mode 100644 index 0000000000000..a446842f55d80 --- /dev/null +++ b/node_modules/npm-profile/node_modules/make-fetch-happen/CHANGELOG.md @@ -0,0 +1,555 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [4.0.2](https://github.com/zkat/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) + + + + +## [4.0.1](https://github.com/zkat/make-fetch-happen/compare/v4.0.0...v4.0.1) (2018-04-12) + + +### Bug Fixes + +* **integrity:** use new sri.match() for verification ([4f371a0](https://github.com/zkat/make-fetch-happen/commit/4f371a0)) + + + + +# [4.0.0](https://github.com/zkat/make-fetch-happen/compare/v3.0.0...v4.0.0) (2018-04-09) + + +### meta + +* drop node@4, add node@9 ([7b0191a](https://github.com/zkat/make-fetch-happen/commit/7b0191a)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +# [3.0.0](https://github.com/zkat/make-fetch-happen/compare/v2.6.0...v3.0.0) (2018-03-12) + + +### Bug Fixes + +* **license:** switch to ISC ([#49](https://github.com/zkat/make-fetch-happen/issues/49)) ([bf90c6d](https://github.com/zkat/make-fetch-happen/commit/bf90c6d)) +* **standard:** standard@11 update ([ff0aa70](https://github.com/zkat/make-fetch-happen/commit/ff0aa70)) + + +### BREAKING CHANGES + +* **license:** license changed from CC0 to ISC. + + + + +# [2.6.0](https://github.com/zkat/make-fetch-happen/compare/v2.5.0...v2.6.0) (2017-11-14) + + +### Bug Fixes + +* **integrity:** disable node-fetch compress when checking integrity (#42) ([a7cc74c](https://github.com/zkat/make-fetch-happen/commit/a7cc74c)) + + +### Features + +* **onretry:** Add `options.onRetry` (#48) ([f90ccff](https://github.com/zkat/make-fetch-happen/commit/f90ccff)) + + + + +# [2.5.0](https://github.com/zkat/make-fetch-happen/compare/v2.4.13...v2.5.0) (2017-08-24) + + +### Bug Fixes + +* **agent:** support timeout durations greater than 30 seconds ([04875ae](https://github.com/zkat/make-fetch-happen/commit/04875ae)), closes [#35](https://github.com/zkat/make-fetch-happen/issues/35) + + +### Features + +* **cache:** export cache deletion functionality (#40) ([3da4250](https://github.com/zkat/make-fetch-happen/commit/3da4250)) + + + + +## [2.4.13](https://github.com/zkat/make-fetch-happen/compare/v2.4.12...v2.4.13) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump other deps for bugfixes ([eab8297](https://github.com/zkat/make-fetch-happen/commit/eab8297)) +* **proxy:** bump proxy deps with bugfixes (#32) ([632f860](https://github.com/zkat/make-fetch-happen/commit/632f860)), closes [#32](https://github.com/zkat/make-fetch-happen/issues/32) + + + + +## [2.4.12](https://github.com/zkat/make-fetch-happen/compare/v2.4.11...v2.4.12) (2017-06-06) + + +### Bug Fixes + +* **cache:** encode x-local-cache-etc headers to be header-safe ([dc9fb1b](https://github.com/zkat/make-fetch-happen/commit/dc9fb1b)) + + + + +## [2.4.11](https://github.com/zkat/make-fetch-happen/compare/v2.4.10...v2.4.11) (2017-06-05) + + +### Bug Fixes + +* **deps:** bump deps with ssri fix ([bef1994](https://github.com/zkat/make-fetch-happen/commit/bef1994)) + + + + +## [2.4.10](https://github.com/zkat/make-fetch-happen/compare/v2.4.9...v2.4.10) (2017-05-31) + + +### Bug Fixes + +* **deps:** bump dep versions with bugfixes ([0af4003](https://github.com/zkat/make-fetch-happen/commit/0af4003)) +* **proxy:** use auth parameter for proxy authentication (#30) ([c687306](https://github.com/zkat/make-fetch-happen/commit/c687306)) + + + + +## [2.4.9](https://github.com/zkat/make-fetch-happen/compare/v2.4.8...v2.4.9) (2017-05-25) + + +### Bug Fixes + +* **cache:** use the passed-in promise for resolving cache stuff ([4c46257](https://github.com/zkat/make-fetch-happen/commit/4c46257)) + + + + +## [2.4.8](https://github.com/zkat/make-fetch-happen/compare/v2.4.7...v2.4.8) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid/Promise through to cache ([a847c92](https://github.com/zkat/make-fetch-happen/commit/a847c92)) + + + + +## [2.4.7](https://github.com/zkat/make-fetch-happen/compare/v2.4.6...v2.4.7) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([fc2a587](https://github.com/zkat/make-fetch-happen/commit/fc2a587)) + + + + +## [2.4.6](https://github.com/zkat/make-fetch-happen/compare/v2.4.5...v2.4.6) (2017-05-24) + + +### Bug Fixes + +* **proxy:** choose agent for http(s)-proxy by protocol of destUrl ([ea4832a](https://github.com/zkat/make-fetch-happen/commit/ea4832a)) +* **proxy:** make socks proxy working ([1de810a](https://github.com/zkat/make-fetch-happen/commit/1de810a)) +* **proxy:** revert previous proxy solution ([563b0d8](https://github.com/zkat/make-fetch-happen/commit/563b0d8)) + + + + +## [2.4.5](https://github.com/zkat/make-fetch-happen/compare/v2.4.4...v2.4.5) (2017-05-24) + + +### Bug Fixes + +* **proxy:** use the destination url when determining agent ([1a714e7](https://github.com/zkat/make-fetch-happen/commit/1a714e7)) + + + + +## [2.4.4](https://github.com/zkat/make-fetch-happen/compare/v2.4.3...v2.4.4) (2017-05-23) + + +### Bug Fixes + +* **redirect:** handle redirects explicitly (#27) ([4c4af54](https://github.com/zkat/make-fetch-happen/commit/4c4af54)) + + + + +## [2.4.3](https://github.com/zkat/make-fetch-happen/compare/v2.4.2...v2.4.3) (2017-05-06) + + +### Bug Fixes + +* **redirect:** redirects now delete authorization if hosts fail to match ([c071805](https://github.com/zkat/make-fetch-happen/commit/c071805)) + + + + +## [2.4.2](https://github.com/zkat/make-fetch-happen/compare/v2.4.1...v2.4.2) (2017-05-04) + + +### Bug Fixes + +* **cache:** reduce race condition window by checking for content ([24544b1](https://github.com/zkat/make-fetch-happen/commit/24544b1)) +* **match:** Rewrite the conditional stream logic (#25) ([66bba4b](https://github.com/zkat/make-fetch-happen/commit/66bba4b)) + + + + +## [2.4.1](https://github.com/zkat/make-fetch-happen/compare/v2.4.0...v2.4.1) (2017-04-28) + + +### Bug Fixes + +* **memoization:** missed spots + allow passthrough of memo objs ([ac0cd12](https://github.com/zkat/make-fetch-happen/commit/ac0cd12)) + + + + +# [2.4.0](https://github.com/zkat/make-fetch-happen/compare/v2.3.0...v2.4.0) (2017-04-28) + + +### Bug Fixes + +* **memoize:** cacache had a broken memoizer ([8a9ed4c](https://github.com/zkat/make-fetch-happen/commit/8a9ed4c)) + + +### Features + +* **memoization:** only slurp stuff into memory if opts.memoize is not false ([0744adc](https://github.com/zkat/make-fetch-happen/commit/0744adc)) + + + + +# [2.3.0](https://github.com/zkat/make-fetch-happen/compare/v2.2.6...v2.3.0) (2017-04-27) + + +### Features + +* **agent:** added opts.strictSSL and opts.localAddress ([c35015a](https://github.com/zkat/make-fetch-happen/commit/c35015a)) +* **proxy:** Added opts.noProxy and NO_PROXY support ([f45c915](https://github.com/zkat/make-fetch-happen/commit/f45c915)) + + + + +## [2.2.6](https://github.com/zkat/make-fetch-happen/compare/v2.2.5...v2.2.6) (2017-04-26) + + +### Bug Fixes + +* **agent:** check uppercase & lowercase proxy env (#24) ([acf2326](https://github.com/zkat/make-fetch-happen/commit/acf2326)), closes [#22](https://github.com/zkat/make-fetch-happen/issues/22) +* **deps:** switch to node-fetch-npm and stop bundling ([3db603b](https://github.com/zkat/make-fetch-happen/commit/3db603b)) + + + + +## [2.2.5](https://github.com/zkat/make-fetch-happen/compare/v2.2.4...v2.2.5) (2017-04-23) + + +### Bug Fixes + +* **deps:** bump cacache and use its size feature ([926c1d3](https://github.com/zkat/make-fetch-happen/commit/926c1d3)) + + + + +## [2.2.4](https://github.com/zkat/make-fetch-happen/compare/v2.2.3...v2.2.4) (2017-04-18) + + +### Bug Fixes + +* **integrity:** hash verification issues fixed ([07f9402](https://github.com/zkat/make-fetch-happen/commit/07f9402)) + + + + +## [2.2.3](https://github.com/zkat/make-fetch-happen/compare/v2.2.2...v2.2.3) (2017-04-18) + + +### Bug Fixes + +* **staleness:** responses older than 8h were never stale :< ([b54dd75](https://github.com/zkat/make-fetch-happen/commit/b54dd75)) +* **warning:** remove spurious warning, make format more spec-compliant ([2e4f6bb](https://github.com/zkat/make-fetch-happen/commit/2e4f6bb)) + + + + +## [2.2.2](https://github.com/zkat/make-fetch-happen/compare/v2.2.1...v2.2.2) (2017-04-12) + + +### Bug Fixes + +* **retry:** stop retrying 404s ([6fafd53](https://github.com/zkat/make-fetch-happen/commit/6fafd53)) + + + + +## [2.2.1](https://github.com/zkat/make-fetch-happen/compare/v2.2.0...v2.2.1) (2017-04-10) + + +### Bug Fixes + +* **deps:** move test-only deps to devDeps ([2daaf80](https://github.com/zkat/make-fetch-happen/commit/2daaf80)) + + + + +# [2.2.0](https://github.com/zkat/make-fetch-happen/compare/v2.1.0...v2.2.0) (2017-04-09) + + +### Bug Fixes + +* **cache:** treat caches as private ([57b7dc2](https://github.com/zkat/make-fetch-happen/commit/57b7dc2)) + + +### Features + +* **retry:** accept shorthand retry settings ([dfed69d](https://github.com/zkat/make-fetch-happen/commit/dfed69d)) + + + + +# [2.1.0](https://github.com/zkat/make-fetch-happen/compare/v2.0.4...v2.1.0) (2017-04-09) + + +### Features + +* **cache:** cache now obeys Age and a variety of other things (#13) ([7b9652d](https://github.com/zkat/make-fetch-happen/commit/7b9652d)) + + + + +## [2.0.4](https://github.com/zkat/make-fetch-happen/compare/v2.0.3...v2.0.4) (2017-04-09) + + +### Bug Fixes + +* **agent:** accept Request as fetch input, not just strings ([b71669a](https://github.com/zkat/make-fetch-happen/commit/b71669a)) + + + + +## [2.0.3](https://github.com/zkat/make-fetch-happen/compare/v2.0.2...v2.0.3) (2017-04-09) + + +### Bug Fixes + +* **deps:** seriously ([c29e7e7](https://github.com/zkat/make-fetch-happen/commit/c29e7e7)) + + + + +## [2.0.2](https://github.com/zkat/make-fetch-happen/compare/v2.0.1...v2.0.2) (2017-04-09) + + +### Bug Fixes + +* **deps:** use bundleDeps instead ([c36ebf0](https://github.com/zkat/make-fetch-happen/commit/c36ebf0)) + + + + +## [2.0.1](https://github.com/zkat/make-fetch-happen/compare/v2.0.0...v2.0.1) (2017-04-09) + + +### Bug Fixes + +* **deps:** make sure node-fetch tarball included in release ([3bf49d1](https://github.com/zkat/make-fetch-happen/commit/3bf49d1)) + + + + +# [2.0.0](https://github.com/zkat/make-fetch-happen/compare/v1.7.0...v2.0.0) (2017-04-09) + + +### Bug Fixes + +* **deps:** manually pull in newer node-fetch to avoid babel prod dep ([66e5e87](https://github.com/zkat/make-fetch-happen/commit/66e5e87)) +* **retry:** be more specific about when we retry ([a47b782](https://github.com/zkat/make-fetch-happen/commit/a47b782)) + + +### Features + +* **agent:** add ca/cert/key support to auto-agent (#15) ([57585a7](https://github.com/zkat/make-fetch-happen/commit/57585a7)) + + +### BREAKING CHANGES + +* **agent:** pac proxies are no longer supported. +* **retry:** Retry logic has changes. + +* 404s, 420s, and 429s all retry now. +* ENOTFOUND no longer retries. +* Only ECONNRESET, ECONNREFUSED, EADDRINUSE, ETIMEDOUT, and `request-timeout` errors are retried. + + + + +# [1.7.0](https://github.com/zkat/make-fetch-happen/compare/v1.6.0...v1.7.0) (2017-04-08) + + +### Features + +* **cache:** add useful headers to inform users about cached data ([9bd7b00](https://github.com/zkat/make-fetch-happen/commit/9bd7b00)) + + + + +# [1.6.0](https://github.com/zkat/make-fetch-happen/compare/v1.5.1...v1.6.0) (2017-04-06) + + +### Features + +* **agent:** better, keepalive-supporting, default http agents ([16277f6](https://github.com/zkat/make-fetch-happen/commit/16277f6)) + + + + +## [1.5.1](https://github.com/zkat/make-fetch-happen/compare/v1.5.0...v1.5.1) (2017-04-05) + + +### Bug Fixes + +* **cache:** bump cacache for its fixed error messages ([2f2b916](https://github.com/zkat/make-fetch-happen/commit/2f2b916)) +* **cache:** fix handling of errors in cache reads ([5729222](https://github.com/zkat/make-fetch-happen/commit/5729222)) + + + + +# [1.5.0](https://github.com/zkat/make-fetch-happen/compare/v1.4.0...v1.5.0) (2017-04-04) + + +### Features + +* **retry:** retry requests on 408 timeouts, too ([8d8b5bd](https://github.com/zkat/make-fetch-happen/commit/8d8b5bd)) + + + + +# [1.4.0](https://github.com/zkat/make-fetch-happen/compare/v1.3.1...v1.4.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** stop relying on BB.catch ([2b04494](https://github.com/zkat/make-fetch-happen/commit/2b04494)) + + +### Features + +* **retry:** report retry attempt number as extra header ([fd50927](https://github.com/zkat/make-fetch-happen/commit/fd50927)) + + + + +## [1.3.1](https://github.com/zkat/make-fetch-happen/compare/v1.3.0...v1.3.1) (2017-04-04) + + +### Bug Fixes + +* **cache:** pretend cache entry is missing on ENOENT ([9c2bb26](https://github.com/zkat/make-fetch-happen/commit/9c2bb26)) + + + + +# [1.3.0](https://github.com/zkat/make-fetch-happen/compare/v1.2.1...v1.3.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** if metadata is missing for some odd reason, ignore the entry ([a021a6b](https://github.com/zkat/make-fetch-happen/commit/a021a6b)) + + +### Features + +* **cache:** add special headers when request was loaded straight from cache ([8a7dbd1](https://github.com/zkat/make-fetch-happen/commit/8a7dbd1)) +* **cache:** allow configuring algorithms to be calculated on insertion ([bf4a0f2](https://github.com/zkat/make-fetch-happen/commit/bf4a0f2)) + + + + +## [1.2.1](https://github.com/zkat/make-fetch-happen/compare/v1.2.0...v1.2.1) (2017-04-03) + + +### Bug Fixes + +* **integrity:** update cacache and ssri and change EBADCHECKSUM -> EINTEGRITY ([b6cf6f6](https://github.com/zkat/make-fetch-happen/commit/b6cf6f6)) + + + + +# [1.2.0](https://github.com/zkat/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) + + +### Features + +* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/zkat/make-fetch-happen/commit/a590159)) + + + + +# [1.1.0](https://github.com/zkat/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) + + +### Features + +* **opts:** fetch.defaults() for default options ([522a65e](https://github.com/zkat/make-fetch-happen/commit/522a65e)) + + + + +## [1.0.1](https://github.com/zkat/make-fetch-happen/compare/v1.0.0...v1.0.1) (2017-04-01) + + + + +# 1.0.0 (2017-04-01) + + +### Bug Fixes + +* **cache:** default on cache-control header ([b872a2c](https://github.com/zkat/make-fetch-happen/commit/b872a2c)) +* standard stuff and cache matching ([753f2c2](https://github.com/zkat/make-fetch-happen/commit/753f2c2)) +* **agent:** nudge around things with opts.agent ([ed62b57](https://github.com/zkat/make-fetch-happen/commit/ed62b57)) +* **agent:** {agent: false} has special behavior ([b8cc923](https://github.com/zkat/make-fetch-happen/commit/b8cc923)) +* **cache:** invalidation on non-GET ([fe78fac](https://github.com/zkat/make-fetch-happen/commit/fe78fac)) +* **cache:** make force-cache and only-if-cached work as expected ([f50e9df](https://github.com/zkat/make-fetch-happen/commit/f50e9df)) +* **cache:** more spec compliance ([d5a56db](https://github.com/zkat/make-fetch-happen/commit/d5a56db)) +* **cache:** only cache 200 gets ([0abb25a](https://github.com/zkat/make-fetch-happen/commit/0abb25a)) +* **cache:** only load cache code if cache opt is a string ([250fcd5](https://github.com/zkat/make-fetch-happen/commit/250fcd5)) +* **cache:** oops ([e3fa15a](https://github.com/zkat/make-fetch-happen/commit/e3fa15a)) +* **cache:** refactored warning removal into main file ([5b0a9f9](https://github.com/zkat/make-fetch-happen/commit/5b0a9f9)) +* **cache:** req constructor no longer needed in Cache ([5b74cbc](https://github.com/zkat/make-fetch-happen/commit/5b74cbc)) +* **cache:** standard fetch api calls cacheMode "cache" ([6fba805](https://github.com/zkat/make-fetch-happen/commit/6fba805)) +* **cache:** was using wrong method for non-GET/HEAD cache invalidation ([810763a](https://github.com/zkat/make-fetch-happen/commit/810763a)) +* **caching:** a bunch of cache-related fixes ([8ebda1d](https://github.com/zkat/make-fetch-happen/commit/8ebda1d)) +* **deps:** `cacache[@6](https://github.com/6).3.0` - race condition fixes ([9528442](https://github.com/zkat/make-fetch-happen/commit/9528442)) +* **freshness:** fix regex for cacheControl matching ([070db86](https://github.com/zkat/make-fetch-happen/commit/070db86)) +* **freshness:** fixed default freshness heuristic value ([5d29e88](https://github.com/zkat/make-fetch-happen/commit/5d29e88)) +* **logging:** remove console.log calls ([a1d0a47](https://github.com/zkat/make-fetch-happen/commit/a1d0a47)) +* **method:** node-fetch guarantees uppercase ([a1d68d6](https://github.com/zkat/make-fetch-happen/commit/a1d68d6)) +* **opts:** simplified opts handling ([516fd6e](https://github.com/zkat/make-fetch-happen/commit/516fd6e)) +* **proxy:** pass proxy option directly to ProxyAgent ([3398460](https://github.com/zkat/make-fetch-happen/commit/3398460)) +* **retry:** false -> {retries: 0} ([297fbb6](https://github.com/zkat/make-fetch-happen/commit/297fbb6)) +* **retry:** only retry put if body is not a stream ([a24e599](https://github.com/zkat/make-fetch-happen/commit/a24e599)) +* **retry:** skip retries if body is a stream for ANY method ([780c0f8](https://github.com/zkat/make-fetch-happen/commit/780c0f8)) + + +### Features + +* **api:** initial implementation -- can make and cache requests ([7d55b49](https://github.com/zkat/make-fetch-happen/commit/7d55b49)) +* **fetch:** injectable cache, and retry support ([87b84bf](https://github.com/zkat/make-fetch-happen/commit/87b84bf)) + + +### BREAKING CHANGES + +* **cache:** opts.cache -> opts.cacheManager; opts.cacheMode -> opts.cache +* **fetch:** opts.cache accepts a Cache-like obj or a path. Requests are now retried. +* **api:** actual api implemented diff --git a/node_modules/npm-profile/node_modules/make-fetch-happen/LICENSE b/node_modules/npm-profile/node_modules/make-fetch-happen/LICENSE new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/npm-profile/node_modules/make-fetch-happen/LICENSE @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/make-fetch-happen/README.md b/node_modules/npm-profile/node_modules/make-fetch-happen/README.md new file mode 100644 index 0000000000000..4d12d8dae7e31 --- /dev/null +++ b/node_modules/npm-profile/node_modules/make-fetch-happen/README.md @@ -0,0 +1,404 @@ +# make-fetch-happen [![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/zkat/make-fetch-happen.svg)](https://travis-ci.org/zkat/make-fetch-happen) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/make-fetch-happen?svg=true)](https://ci.appveyor.com/project/zkat/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/zkat/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/zkat/make-fetch-happen?branch=latest) + + +[`make-fetch-happen`](https://github.com/zkat/make-fetch-happen) is a Node.js +library that wraps [`node-fetch-npm`](https://github.com/npm/node-fetch-npm) with additional +features [`node-fetch`](https://github.com/bitinn/node-fetch) doesn't intend to include, including HTTP Cache support, request +pooling, proxies, retries, [and more](#features)! + +## Install + +`$ npm install --save make-fetch-happen` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.defaults`](#fetch-defaults) + * [`node-fetch` options](#node-fetch-options) + * [`make-fetch-happen` options](#extra-options) + * [`opts.cacheManager`](#opts-cache-manager) + * [`opts.cache`](#opts-cache) + * [`opts.proxy`](#opts-proxy) + * [`opts.noProxy`](#opts-no-proxy) + * [`opts.ca, opts.cert, opts.key`](#https-opts) + * [`opts.maxSockets`](#opts-max-sockets) + * [`opts.retry`](#opts-retry) + * [`opts.onRetry`](#opts-onretry) + * [`opts.integrity`](#opts-integrity) +* [Message From Our Sponsors](#wow) + +### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' // path where cache will be written (and read) +}) + +fetch('https://registry.npmjs.org/make-fetch-happen').then(res => { + return res.json() // download the body as JSON +}).then(body => { + console.log(`got ${body.name} from web`) + return fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'no-cache' // forces a conditional request + }) +}).then(res => { + console.log(res.status) // 304! cache validated! + return res.json().then(body => { + console.log(`got ${body.name} from cache`) + }) +}) +``` + +### Features + +* Builds around [`node-fetch`](https://npm.im/node-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation +* Request pooling out of the box +* Quite fast, really +* Automatic HTTP-semantics-aware request retries +* Cache-fallback automatic "offline mode" +* Proxy support (http, https, socks, socks4, socks5) +* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc). +* Customize cache storage with any [Cache API](https://developer.mozilla.org/en-US/docs/Web/API/Cache)-compliant `Cache` instance. Cache to Redis! +* Node.js Stream support +* Transparent gzip and deflate support +* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support +* Literally punches nazis +* (PENDING) Range request caching and resuming + +### Contributing + +The make-fetch-happen team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(uriOrRequest, [opts]) -> Promise` + +This function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response. + +If `opts` is provided, the [`node-fetch`-specific options](#node-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more. + +##### Example + +```javascript +fetch('https://google.com').then(res => res.buffer()) +``` + +#### `> fetch.defaults([defaultUrl], [defaultOpts])` + +Returns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls. + +A defaulted `fetch` will also have a `.defaults()` method, so they can be chained. + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-local-cache' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache +``` + +#### `> node-fetch options` + +The following options for `node-fetch` are used as-is: + +* method +* body +* redirect +* follow +* timeout +* compress +* size + +These other options are modified or augmented by make-fetch-happen: + +* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`. +* agent + * If agent is null, an http or https Agent will be automatically used. By default, these will be `http.globalAgent` and `https.globalAgent`. + * If [`opts.proxy`](#opts-proxy) is provided and `opts.agent` is null, the agent will be set to an appropriate proxy-handling agent. + * If `opts.agent` is an object, it will be used as the request-pooling agent argument for this request. + * If `opts.agent` is `false`, it will be passed as-is to the underlying request library. This causes a new Agent to be spawned for every request. + +For more details, see [the documentation for `node-fetch` itself](https://github.com/bitinn/node-fetch#options). + +#### `> make-fetch-happen options` + +make-fetch-happen augments the `node-fetch` API with additional features available through extra options. The following extra options are available: + +* [`opts.cacheManager`](#opts-cache-manager) - Cache target to read/write +* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*. +* [`opts.proxy`](#opts-proxy) - Proxy agent +* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for. +* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts) +* [`opts.localAddress`](#opts-local-address) +* [`opts.maxSockets`](#opts-max-sockets) +* [`opts.retry`](#opts-retry) - Request retry settings +* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted +* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. + +#### `> opts.cacheManager` + +Either a `String` or a `Cache`. If the former, it will be assumed to be a `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache). + +If an object is provided, it will be assumed to be a compliant [`Cache` instance](https://developer.mozilla.org/en-US/docs/Web/API/Cache). Only `Cache.match()`, `Cache.put()`, and `Cache.delete()` are required. Options objects will not be passed in to `match()` or `delete()`. + +By implementing this API, you can customize the storage backend for make-fetch-happen itself -- for example, you could implement a cache that uses `redis` for caching, or simply keeps everything in memory. Most of the caching logic exists entirely on the make-fetch-happen side, so the only thing you need to worry about is reading, writing, and deleting, as well as making sure `fetch.Response` objects are what gets returned. + +You can refer to `cache.js` in the make-fetch-happen source code for a reference implementation. + +**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written. + +The default cache manager also adds the following headers to cached responses: + +* `X-Local-Cache`: Path to the cache the content was found in +* `X-Local-Cache-Key`: Unique cache entry key for this response +* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry +* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry + +Using [`cacache`](https://npm.im/cacache), a call like this may be used to +manually fetch the cached entry: + +```javascript +const h = response.headers +cacache.get(h.get('x-local-cache'), h.get('x-local-cache-key')) + +// grab content only, directly: +cacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash')) +``` + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + cacheManager: './my-local-cache' +}) // -> 200-level response will be written to disk + +fetch('https://npm.im/cacache', { + cacheManager: new MyCustomRedisCache(process.env.PORT) +}) // -> 200-level response will be written to redis +``` + +A possible (minimal) implementation for `MyCustomRedisCache`: + +```javascript +const bluebird = require('bluebird') +const redis = require("redis") +bluebird.promisifyAll(redis.RedisClient.prototype) +class MyCustomRedisCache { + constructor (opts) { + this.redis = redis.createClient(opts) + } + match (req) { + return this.redis.getAsync(req.url).then(res => { + if (res) { + const parsed = JSON.parse(res) + return new fetch.Response(parsed.body, { + url: req.url, + headers: parsed.headers, + status: 200 + }) + } + }) + } + put (req, res) { + return res.buffer().then(body => { + return this.redis.setAsync(req.url, JSON.stringify({ + body: body, + headers: res.headers.raw() + })) + }).then(() => { + // return the response itself + return res + }) + } + 'delete' (req) { + return this.redis.unlinkAsync(req.url) + } +} +``` + +#### `> opts.cache` + +This option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cacheManager`](#opts-cache-manager) is null. The following values are accepted (as strings): + +* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned. +* `no-store` - Fetch behaves as if there is no HTTP cache at all. +* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response. +* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response. +* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response. +* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is "same-origin". Any cached redirects will be followed assuming request’s redirect mode is "follow" and the redirects do not violate request’s mode.) + +(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch) + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' +}) + +// Will error with ENOTCACHED if we haven't already cached this url +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'only-if-cached' +}) + +// Will refresh any local content and cache the new response +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'reload' +}) + +// Will use any local data, even if stale. Otherwise, will hit network. +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'force-cache' +}) +``` + +#### `> opts.proxy` + +A string or `url.parse`-d URI to proxy through. Different Proxy handlers will be +used depending on the proxy's protocol. + +Additionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and +`process.env.PROXY` are used if present and no `opts.proxy` value is provided. + +(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: 'https://corporate.yourcompany.proxy:4445' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: { + protocol: 'https:', + hostname: 'corporate.yourcompany.proxy', + port: 4445 + } +}) +``` + +#### `> opts.noProxy` + +If present, should be a comma-separated string or an array of domain extensions +that a proxy should _not_ be used for. + +This option may also be provided through `process.env.NO_PROXY`. + +#### `> opts.ca, opts.cert, opts.key, opts.strictSSL` + +These values are passed in directly to the HTTPS agent and will be used for both +proxied and unproxied outgoing HTTPS requests. They mostly correspond to the +same options the `https` module accepts, which will be themselves passed to +`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`. + +#### `> opts.localAddress` + +Passed directly to `http` and `https` request calls. Determines the local +address to bind to. + +#### `> opts.maxSockets` + +Default: 15 + +Maximum number of active concurrent sockets to use for the underlying +Http/Https/Proxy agents. This setting applies once per spawned agent. + +15 is probably a _pretty good value_ for most use-cases, and balances speed +with, uh, not knocking out people's routers. 🤓 + +#### `> opts.retry` + +An object that can be used to tune request retry settings. Retries will only be attempted on the following conditions: + +* Request method is NOT `POST` AND +* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR +* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`. + +The following are worth noting as explicitly not retried: + +* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately. +* `ECONNRESET` currently has no support for restarting. It will eventually be supported but requires a bit more juggling due to streaming. + +If `opts.retry` is `false`, it is equivalent to `{retries: 0}` + +If `opts.retry` is a number, it is equivalent to `{retries: num}` + +The following retry options are available if you want more control over it: + +* retries +* factor +* minTimeout +* maxTimeout +* randomize + +For details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + retry: { + retries: 10, + randomize: true + } +}) + +fetch('http://reliable.site.com', { + retry: false +}) + +fetch('http://one-more.site.com', { + retry: 3 +}) +``` + +#### `> opts.onRetry` + +A function called whenever a retry is attempted. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + onRetry() { + console.log('we will retry!') + } +}) +``` + +#### `> opts.integrity` + +Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error. + +`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // -> ok + +fetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // Error: EINTEGRITY +``` + +### Message From Our Sponsors + +![](stop.gif) + +![](happening.gif) diff --git a/node_modules/npm-profile/node_modules/make-fetch-happen/agent.js b/node_modules/npm-profile/node_modules/make-fetch-happen/agent.js new file mode 100644 index 0000000000000..55675946ad97d --- /dev/null +++ b/node_modules/npm-profile/node_modules/make-fetch-happen/agent.js @@ -0,0 +1,171 @@ +'use strict' +const LRU = require('lru-cache') +const url = require('url') + +let AGENT_CACHE = new LRU({ max: 50 }) +let HttpsAgent +let HttpAgent + +module.exports = getAgent + +function getAgent (uri, opts) { + const parsedUri = url.parse(typeof uri === 'string' ? uri : uri.url) + const isHttps = parsedUri.protocol === 'https:' + const pxuri = getProxyUri(uri, opts) + + const key = [ + `https:${isHttps}`, + pxuri + ? `proxy:${pxuri.protocol}//${pxuri.host}:${pxuri.port}` + : '>no-proxy<', + `local-address:${opts.localAddress || '>no-local-address<'}`, + `strict-ssl:${isHttps ? !!opts.strictSSL : '>no-strict-ssl<'}`, + `ca:${(isHttps && opts.ca) || '>no-ca<'}`, + `cert:${(isHttps && opts.cert) || '>no-cert<'}`, + `key:${(isHttps && opts.key) || '>no-key<'}` + ].join(':') + + if (opts.agent != null) { // `agent: false` has special behavior! + return opts.agent + } + + if (AGENT_CACHE.peek(key)) { + return AGENT_CACHE.get(key) + } + + if (pxuri) { + const proxy = getProxy(pxuri, opts, isHttps) + AGENT_CACHE.set(key, proxy) + return proxy + } + + if (isHttps && !HttpsAgent) { + HttpsAgent = require('agentkeepalive').HttpsAgent + } else if (!isHttps && !HttpAgent) { + HttpAgent = require('agentkeepalive') + } + + // If opts.timeout is zero, set the agentTimeout to zero as well. A timeout + // of zero disables the timeout behavior (OS limits still apply). Else, if + // opts.timeout is a non-zero value, set it to timeout + 1, to ensure that + // the node-fetch-npm timeout will always fire first, giving us more + // consistent errors. + const agentTimeout = opts.timeout === 0 ? 0 : opts.timeout + 1 + + const agent = isHttps ? new HttpsAgent({ + maxSockets: opts.maxSockets || 15, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + localAddress: opts.localAddress, + rejectUnauthorized: opts.strictSSL, + timeout: agentTimeout + }) : new HttpAgent({ + maxSockets: opts.maxSockets || 15, + localAddress: opts.localAddress, + timeout: agentTimeout + }) + AGENT_CACHE.set(key, agent) + return agent +} + +function checkNoProxy (uri, opts) { + const host = url.parse(uri).hostname.split('.').reverse() + let noproxy = (opts.noProxy || getProcessEnv('no_proxy')) + if (typeof noproxy === 'string') { + noproxy = noproxy.split(/\s*,\s*/g) + } + return noproxy && noproxy.some(no => { + const noParts = no.split('.').filter(x => x).reverse() + if (!noParts.length) { return false } + for (let i = 0; i < noParts.length; i++) { + if (host[i] !== noParts[i]) { + return false + } + } + return true + }) +} + +module.exports.getProcessEnv = getProcessEnv + +function getProcessEnv (env) { + if (!env) { return } + + let value + + if (Array.isArray(env)) { + for (let e of env) { + value = process.env[e] || + process.env[e.toUpperCase()] || + process.env[e.toLowerCase()] + if (typeof value !== 'undefined') { break } + } + } + + if (typeof env === 'string') { + value = process.env[env] || + process.env[env.toUpperCase()] || + process.env[env.toLowerCase()] + } + + return value +} + +function getProxyUri (uri, opts) { + const protocol = url.parse(uri).protocol + + const proxy = opts.proxy || ( + protocol === 'https:' && getProcessEnv('https_proxy') + ) || ( + protocol === 'http:' && getProcessEnv(['https_proxy', 'http_proxy', 'proxy']) + ) + if (!proxy) { return null } + + const parsedProxy = (typeof proxy === 'string') ? url.parse(proxy) : proxy + + return !checkNoProxy(uri, opts) && parsedProxy +} + +let HttpProxyAgent +let HttpsProxyAgent +let SocksProxyAgent +function getProxy (proxyUrl, opts, isHttps) { + let popts = { + host: proxyUrl.hostname, + port: proxyUrl.port, + protocol: proxyUrl.protocol, + path: proxyUrl.path, + auth: proxyUrl.auth, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + timeout: opts.timeout === 0 ? 0 : opts.timeout + 1, + localAddress: opts.localAddress, + maxSockets: opts.maxSockets || 15, + rejectUnauthorized: opts.strictSSL + } + + if (proxyUrl.protocol === 'http:' || proxyUrl.protocol === 'https:') { + if (!isHttps) { + if (!HttpProxyAgent) { + HttpProxyAgent = require('http-proxy-agent') + } + + return new HttpProxyAgent(popts) + } else { + if (!HttpsProxyAgent) { + HttpsProxyAgent = require('https-proxy-agent') + } + + return new HttpsProxyAgent(popts) + } + } + if (proxyUrl.protocol.startsWith('socks')) { + if (!SocksProxyAgent) { + SocksProxyAgent = require('socks-proxy-agent') + } + + return new SocksProxyAgent(popts) + } +} diff --git a/node_modules/npm-profile/node_modules/make-fetch-happen/cache.js b/node_modules/npm-profile/node_modules/make-fetch-happen/cache.js new file mode 100644 index 0000000000000..0c519e69fbe81 --- /dev/null +++ b/node_modules/npm-profile/node_modules/make-fetch-happen/cache.js @@ -0,0 +1,249 @@ +'use strict' + +const cacache = require('cacache') +const fetch = require('node-fetch-npm') +const pipe = require('mississippi').pipe +const ssri = require('ssri') +const through = require('mississippi').through +const to = require('mississippi').to +const url = require('url') +const stream = require('stream') + +const MAX_MEM_SIZE = 5 * 1024 * 1024 // 5MB + +function cacheKey (req) { + const parsed = url.parse(req.url) + return `make-fetch-happen:request-cache:${ + url.format({ + protocol: parsed.protocol, + slashes: parsed.slashes, + host: parsed.host, + hostname: parsed.hostname, + pathname: parsed.pathname + }) + }` +} + +// This is a cacache-based implementation of the Cache standard, +// using node-fetch. +// docs: https://developer.mozilla.org/en-US/docs/Web/API/Cache +// +module.exports = class Cache { + constructor (path, opts) { + this._path = path + this._uid = opts && opts.uid + this._gid = opts && opts.gid + this.Promise = (opts && opts.Promise) || Promise + } + + // Returns a Promise that resolves to the response associated with the first + // matching request in the Cache object. + match (req, opts) { + opts = opts || {} + const key = cacheKey(req) + return cacache.get.info(this._path, key).then(info => { + return info && cacache.get.hasContent( + this._path, info.integrity, opts + ).then(exists => exists && info) + }).then(info => { + if (info && info.metadata && matchDetails(req, { + url: info.metadata.url, + reqHeaders: new fetch.Headers(info.metadata.reqHeaders), + resHeaders: new fetch.Headers(info.metadata.resHeaders), + cacheIntegrity: info.integrity, + integrity: opts && opts.integrity + })) { + const resHeaders = new fetch.Headers(info.metadata.resHeaders) + addCacheHeaders(resHeaders, this._path, key, info.integrity, info.time) + if (req.method === 'HEAD') { + return new fetch.Response(null, { + url: req.url, + headers: resHeaders, + status: 200 + }) + } + let body + const cachePath = this._path + // avoid opening cache file handles until a user actually tries to + // read from it. + if (opts.memoize !== false && info.size > MAX_MEM_SIZE) { + body = new stream.PassThrough() + const realRead = body._read + body._read = function (size) { + body._read = realRead + pipe( + cacache.get.stream.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }), + body, + err => body.emit(err)) + return realRead.call(this, size) + } + } else { + let readOnce = false + // cacache is much faster at bulk reads + body = new stream.Readable({ + read () { + if (readOnce) return this.push(null) + readOnce = true + cacache.get.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }).then(data => { + this.push(data) + this.push(null) + }, err => this.emit('error', err)) + } + }) + } + return this.Promise.resolve(new fetch.Response(body, { + url: req.url, + headers: resHeaders, + status: 200, + size: info.size + })) + } + }) + } + + // Takes both a request and its response and adds it to the given cache. + put (req, response, opts) { + opts = opts || {} + const size = response.headers.get('content-length') + const fitInMemory = !!size && opts.memoize !== false && size < MAX_MEM_SIZE + const ckey = cacheKey(req) + const cacheOpts = { + algorithms: opts.algorithms, + metadata: { + url: req.url, + reqHeaders: req.headers.raw(), + resHeaders: response.headers.raw() + }, + uid: this._uid, + gid: this._gid, + size, + memoize: fitInMemory && opts.memoize + } + if (req.method === 'HEAD' || response.status === 304) { + // Update metadata without writing + return cacache.get.info(this._path, ckey).then(info => { + // Providing these will bypass content write + cacheOpts.integrity = info.integrity + addCacheHeaders( + response.headers, this._path, ckey, info.integrity, info.time + ) + return new this.Promise((resolve, reject) => { + pipe( + cacache.get.stream.byDigest(this._path, info.integrity, cacheOpts), + cacache.put.stream(this._path, cacheKey(req), cacheOpts), + err => err ? reject(err) : resolve(response) + ) + }) + }).then(() => response) + } + let buf = [] + let bufSize = 0 + let cacheTargetStream = false + const cachePath = this._path + let cacheStream = to((chunk, enc, cb) => { + if (!cacheTargetStream) { + if (fitInMemory) { + cacheTargetStream = + to({highWaterMark: MAX_MEM_SIZE}, (chunk, enc, cb) => { + buf.push(chunk) + bufSize += chunk.length + cb() + }, done => { + cacache.put( + cachePath, + cacheKey(req), + Buffer.concat(buf, bufSize), + cacheOpts + ).then( + () => done(), + done + ) + }) + } else { + cacheTargetStream = + cacache.put.stream(cachePath, cacheKey(req), cacheOpts) + } + } + cacheTargetStream.write(chunk, enc, cb) + }, done => { + cacheTargetStream ? cacheTargetStream.end(done) : done() + }) + const oldBody = response.body + const newBody = through({highWaterMark: fitInMemory && MAX_MEM_SIZE}) + response.body = newBody + oldBody.once('error', err => newBody.emit('error', err)) + newBody.once('error', err => oldBody.emit('error', err)) + cacheStream.once('error', err => newBody.emit('error', err)) + pipe(oldBody, to((chunk, enc, cb) => { + cacheStream.write(chunk, enc, () => { + newBody.write(chunk, enc, cb) + }) + }, done => { + cacheStream.end(() => { + newBody.end(() => { + done() + }) + }) + }), err => err && newBody.emit('error', err)) + return response + } + + // Finds the Cache entry whose key is the request, and if found, deletes the + // Cache entry and returns a Promise that resolves to true. If no Cache entry + // is found, it returns false. + 'delete' (req, opts) { + opts = opts || {} + if (typeof opts.memoize === 'object') { + if (opts.memoize.reset) { + opts.memoize.reset() + } else if (opts.memoize.clear) { + opts.memoize.clear() + } else { + Object.keys(opts.memoize).forEach(k => { + opts.memoize[k] = null + }) + } + } + return cacache.rm.entry( + this._path, + cacheKey(req) + // TODO - true/false + ).then(() => false) + } +} + +function matchDetails (req, cached) { + const reqUrl = url.parse(req.url) + const cacheUrl = url.parse(cached.url) + const vary = cached.resHeaders.get('Vary') + // https://tools.ietf.org/html/rfc7234#section-4.1 + if (vary) { + if (vary.match(/\*/)) { + return false + } else { + const fieldsMatch = vary.split(/\s*,\s*/).every(field => { + return cached.reqHeaders.get(field) === req.headers.get(field) + }) + if (!fieldsMatch) { + return false + } + } + } + if (cached.integrity) { + return ssri.parse(cached.integrity).match(cached.cacheIntegrity) + } + reqUrl.hash = null + cacheUrl.hash = null + return url.format(reqUrl) === url.format(cacheUrl) +} + +function addCacheHeaders (resHeaders, path, key, hash, time) { + resHeaders.set('X-Local-Cache', encodeURIComponent(path)) + resHeaders.set('X-Local-Cache-Key', encodeURIComponent(key)) + resHeaders.set('X-Local-Cache-Hash', encodeURIComponent(hash)) + resHeaders.set('X-Local-Cache-Time', new Date(time).toUTCString()) +} diff --git a/node_modules/npm-profile/node_modules/make-fetch-happen/index.js b/node_modules/npm-profile/node_modules/make-fetch-happen/index.js new file mode 100644 index 0000000000000..0f2c164e19f28 --- /dev/null +++ b/node_modules/npm-profile/node_modules/make-fetch-happen/index.js @@ -0,0 +1,482 @@ +'use strict' + +let Cache +const url = require('url') +const CachePolicy = require('http-cache-semantics') +const fetch = require('node-fetch-npm') +const pkg = require('./package.json') +const retry = require('promise-retry') +let ssri +const Stream = require('stream') +const getAgent = require('./agent') +const setWarning = require('./warning') + +const isURL = /^https?:/ +const USER_AGENT = `${pkg.name}/${pkg.version} (+https://npm.im/${pkg.name})` + +const RETRY_ERRORS = [ + 'ECONNRESET', // remote socket closed on us + 'ECONNREFUSED', // remote host refused to open connection + 'EADDRINUSE', // failed to bind to a local port (proxy?) + 'ETIMEDOUT' // someone in the transaction is WAY TOO SLOW + // Known codes we do NOT retry on: + // ENOTFOUND (getaddrinfo failure. Either bad hostname, or offline) +] + +const RETRY_TYPES = [ + 'request-timeout' +] + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +module.exports = cachingFetch +cachingFetch.defaults = function (_uri, _opts) { + const fetch = this + if (typeof _uri === 'object') { + _opts = _uri + _uri = null + } + + function defaultedFetch (uri, opts) { + const finalOpts = Object.assign({}, _opts || {}, opts || {}) + return fetch(uri || _uri, finalOpts) + } + + defaultedFetch.defaults = fetch.defaults + defaultedFetch.delete = fetch.delete + return defaultedFetch +} + +cachingFetch.delete = cacheDelete +function cacheDelete (uri, opts) { + opts = configureOptions(opts) + if (opts.cacheManager) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + return opts.cacheManager.delete(req, opts) + } +} + +function initializeCache (opts) { + if (typeof opts.cacheManager === 'string') { + if (!Cache) { + // Default cacache-based cache + Cache = require('./cache') + } + + opts.cacheManager = new Cache(opts.cacheManager, opts) + } + + opts.cache = opts.cache || 'default' + + if (opts.cache === 'default' && isHeaderConditional(opts.headers)) { + // If header list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, fetch will set cache + // mode to "no-store" if it is "default". + opts.cache = 'no-store' + } +} + +function configureOptions (_opts) { + const opts = Object.assign({}, _opts || {}) + opts.method = (opts.method || 'GET').toUpperCase() + + if (opts.retry && typeof opts.retry === 'number') { + opts.retry = { retries: opts.retry } + } + + if (opts.retry === false) { + opts.retry = { retries: 0 } + } + + if (opts.cacheManager) { + initializeCache(opts) + } + + return opts +} + +function initializeSsri () { + if (!ssri) { + ssri = require('ssri') + } +} + +function cachingFetch (uri, _opts) { + const opts = configureOptions(_opts) + + if (opts.integrity) { + initializeSsri() + // if verifying integrity, node-fetch must not decompress + opts.compress = false + } + + const isCachable = (opts.method === 'GET' || opts.method === 'HEAD') && + opts.cacheManager && + opts.cache !== 'no-store' && + opts.cache !== 'reload' + + if (isCachable) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + + return opts.cacheManager.match(req, opts).then(res => { + if (res) { + const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) + if (warningCode && +warningCode >= 100 && +warningCode < 200) { + // https://tools.ietf.org/html/rfc7234#section-4.3.4 + // + // If a stored response is selected for update, the cache MUST: + // + // * delete any Warning header fields in the stored response with + // warn-code 1xx (see Section 5.5); + // + // * retain any Warning header fields in the stored response with + // warn-code 2xx; + // + res.headers.delete('Warning') + } + + if (opts.cache === 'default' && !isStale(req, res)) { + return res + } + + if (opts.cache === 'default' || opts.cache === 'no-cache') { + return conditionalFetch(req, res, opts) + } + + if (opts.cache === 'force-cache' || opts.cache === 'only-if-cached') { + // 112 Disconnected operation + // SHOULD be included if the cache is intentionally disconnected from + // the rest of the network for a period of time. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(res, 112, 'Disconnected operation') + return res + } + } + + if (!res && opts.cache === 'only-if-cached') { + const errorMsg = `request to ${ + uri + } failed: cache mode is 'only-if-cached' but no cached response available.` + + const err = new Error(errorMsg) + err.code = 'ENOTCACHED' + throw err + } + + // Missing cache entry, or mode is default (if stale), reload, no-store + return remoteFetch(req.url, opts) + }) + } + + return remoteFetch(uri, opts) +} + +function iterableToObject (iter) { + const obj = {} + for (let k of iter.keys()) { + obj[k] = iter.get(k) + } + return obj +} + +function makePolicy (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + const _res = { + status: res.status, + headers: iterableToObject(res.headers) + } + + return new CachePolicy(_req, _res, { shared: false }) +} + +// https://tools.ietf.org/html/rfc7234#section-4.2 +function isStale (req, res) { + if (!res) { + return null + } + + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + + const policy = makePolicy(req, res) + + const responseTime = res.headers.get('x-local-cache-time') || + res.headers.get('date') || + 0 + + policy._responseTime = new Date(responseTime) + + const bool = !policy.satisfiesWithoutRevalidation(_req) + return bool +} + +function mustRevalidate (res) { + return (res.headers.get('cache-control') || '').match(/must-revalidate/i) +} + +function conditionalFetch (req, cachedRes, opts) { + const _req = { + url: req.url, + method: req.method, + headers: Object.assign({}, opts.headers || {}) + } + + const policy = makePolicy(req, cachedRes) + opts.headers = policy.revalidationHeaders(_req) + + return remoteFetch(req.url, opts) + .then(condRes => { + const revalidatedPolicy = policy.revalidatedPolicy(_req, { + status: condRes.status, + headers: iterableToObject(condRes.headers) + }) + + if (condRes.status >= 500 && !mustRevalidate(cachedRes)) { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + return cachedRes + } + + if (condRes.status === 304) { // 304 Not Modified + condRes.body = cachedRes.body + return opts.cacheManager.put(req, condRes, opts) + .then(newRes => { + newRes.headers = new fetch.Headers(revalidatedPolicy.policy.responseHeaders()) + return newRes + }) + } + + return condRes + }) + .then(res => res) + .catch(err => { + if (mustRevalidate(cachedRes)) { + throw err + } else { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + // 199 Miscellaneous warning + // The warning text MAY include arbitrary information to be presented to + // a human user, or logged. A system receiving this warning MUST NOT take + // any automated action, besides presenting the warning to the user. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning( + cachedRes, + 199, + `Miscellaneous Warning ${err.code}: ${err.message}` + ) + + return cachedRes + } + }) +} + +function remoteFetchHandleIntegrity (res, integrity) { + const oldBod = res.body + const newBod = ssri.integrityStream({ + integrity + }) + oldBod.pipe(newBod) + res.body = newBod + oldBod.once('error', err => { + newBod.emit('error', err) + }) + newBod.once('error', err => { + oldBod.emit('error', err) + }) +} + +function remoteFetch (uri, opts) { + const agent = getAgent(uri, opts) + const headers = Object.assign({ + 'connection': agent ? 'keep-alive' : 'close', + 'user-agent': USER_AGENT + }, opts.headers || {}) + + const reqOpts = { + agent, + body: opts.body, + compress: opts.compress, + follow: opts.follow, + headers: new fetch.Headers(headers), + method: opts.method, + redirect: 'manual', + size: opts.size, + counter: opts.counter, + timeout: opts.timeout + } + + return retry( + (retryHandler, attemptNum) => { + const req = new fetch.Request(uri, reqOpts) + return fetch(req) + .then(res => { + res.headers.set('x-fetch-attempts', attemptNum) + + if (opts.integrity) { + remoteFetchHandleIntegrity(res, opts.integrity) + } + + const isStream = req.body instanceof Stream + + if (opts.cacheManager) { + const isMethodGetHead = req.method === 'GET' || + req.method === 'HEAD' + + const isCachable = opts.cache !== 'no-store' && + isMethodGetHead && + makePolicy(req, res).storable() && + res.status === 200 // No other statuses should be stored! + + if (isCachable) { + return opts.cacheManager.put(req, res, opts) + } + + if (!isMethodGetHead) { + return opts.cacheManager.delete(req).then(() => { + if (res.status >= 500 && req.method !== 'POST' && !isStream) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + return res + }) + } + } + + const isRetriable = req.method !== 'POST' && + !isStream && ( + res.status === 408 || // Request Timeout + res.status === 420 || // Enhance Your Calm (usually Twitter rate-limit) + res.status === 429 || // Too Many Requests ("standard" rate-limiting) + res.status >= 500 // Assume server errors are momentary hiccups + ) + + if (isRetriable) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + if (!fetch.isRedirect(res.status) || opts.redirect === 'manual') { + return res + } + + // handle redirects - matches behavior of npm-fetch: https://github.com/bitinn/node-fetch + if (opts.redirect === 'error') { + const err = new Error(`redirect mode is set to error: ${uri}`) + err.code = 'ENOREDIRECT' + throw err + } + + if (!res.headers.get('location')) { + const err = new Error(`redirect location header missing at: ${uri}`) + err.code = 'EINVALIDREDIRECT' + throw err + } + + if (req.counter >= req.follow) { + const err = new Error(`maximum redirect reached at: ${uri}`) + err.code = 'EMAXREDIRECT' + throw err + } + + const resolvedUrl = url.resolve(req.url, res.headers.get('location')) + let redirectURL = url.parse(resolvedUrl) + + if (isURL.test(res.headers.get('location'))) { + redirectURL = url.parse(res.headers.get('location')) + } + + // Remove authorization if changing hostnames (but not if just + // changing ports or protocols). This matches the behavior of request: + // https://github.com/request/request/blob/b12a6245/lib/redirect.js#L134-L138 + if (url.parse(req.url).hostname !== redirectURL.hostname) { + req.headers.delete('authorization') + } + + // for POST request with 301/302 response, or any request with 303 response, + // use GET when following redirect + if (res.status === 303 || + ((res.status === 301 || res.status === 302) && req.method === 'POST')) { + opts.method = 'GET' + opts.body = null + req.headers.delete('content-length') + } + + opts.headers = {} + req.headers.forEach((value, name) => { + opts.headers[name] = value + }) + + opts.counter = ++req.counter + return cachingFetch(resolvedUrl, opts) + }) + .catch(err => { + const code = err.code === 'EPROMISERETRY' ? err.retried.code : err.code + + const isRetryError = RETRY_ERRORS.indexOf(code) === -1 && + RETRY_TYPES.indexOf(err.type) === -1 + + if (req.method === 'POST' || isRetryError) { + throw err + } + + if (typeof opts.onRetry === 'function') { + opts.onRetry(err) + } + + return retryHandler(err) + }) + }, + opts.retry + ).catch(err => { + if (err.status >= 400) { + return err + } + + throw err + }) +} + +function isHeaderConditional (headers) { + if (!headers || typeof headers !== 'object') { + return false + } + + const modifiers = [ + 'if-modified-since', + 'if-none-match', + 'if-unmodified-since', + 'if-match', + 'if-range' + ] + + return Object.keys(headers) + .some(h => modifiers.indexOf(h.toLowerCase()) !== -1) +} diff --git a/node_modules/npm-profile/node_modules/make-fetch-happen/package.json b/node_modules/npm-profile/node_modules/make-fetch-happen/package.json new file mode 100644 index 0000000000000..7a7bf3f08868a --- /dev/null +++ b/node_modules/npm-profile/node_modules/make-fetch-happen/package.json @@ -0,0 +1,94 @@ +{ + "_from": "make-fetch-happen@^4.0.2", + "_id": "make-fetch-happen@4.0.2", + "_inBundle": false, + "_integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "_location": "/npm-profile/make-fetch-happen", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "make-fetch-happen@^4.0.2", + "name": "make-fetch-happen", + "escapedName": "make-fetch-happen", + "rawSpec": "^4.0.2", + "saveSpec": null, + "fetchSpec": "^4.0.2" + }, + "_requiredBy": [ + "/npm-profile/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "_shasum": "2d156b11696fb32bffbafe1ac1bc085dd6c78a79", + "_spec": "make-fetch-happen@^4.0.2", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/npm-profile/node_modules/npm-registry-fetch", + "author": { + "name": "Kat Marchán", + "email": "kzm@zkat.tech" + }, + "bugs": { + "url": "https://github.com/zkat/make-fetch-happen/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + }, + "deprecated": false, + "description": "Opinionated, caching, retrying fetch client", + "devDependencies": { + "bluebird": "^3.5.1", + "mkdirp": "^0.5.1", + "nock": "^9.2.3", + "npmlog": "^4.1.2", + "require-inject": "^1.4.2", + "rimraf": "^2.6.2", + "safe-buffer": "^5.1.1", + "standard": "^11.0.1", + "standard-version": "^4.3.0", + "tacks": "^1.2.6", + "tap": "^12.7.0", + "weallbehave": "^1.0.0", + "weallcontribute": "^1.0.7" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/zkat/make-fetch-happen#readme", + "keywords": [ + "http", + "request", + "fetch", + "mean girls", + "caching", + "cache", + "subresource integrity" + ], + "license": "ISC", + "main": "index.js", + "name": "make-fetch-happen", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/make-fetch-happen.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap --coverage --nyc-arg=--all --timeout=35 -J test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/npm-profile/node_modules/make-fetch-happen/warning.js b/node_modules/npm-profile/node_modules/make-fetch-happen/warning.js new file mode 100644 index 0000000000000..b8f13cf83195a --- /dev/null +++ b/node_modules/npm-profile/node_modules/make-fetch-happen/warning.js @@ -0,0 +1,24 @@ +const url = require('url') + +module.exports = setWarning + +function setWarning (reqOrRes, code, message, replace) { + // Warning = "Warning" ":" 1#warning-value + // warning-value = warn-code SP warn-agent SP warn-text [SP warn-date] + // warn-code = 3DIGIT + // warn-agent = ( host [ ":" port ] ) | pseudonym + // ; the name or pseudonym of the server adding + // ; the Warning header, for use in debugging + // warn-text = quoted-string + // warn-date = <"> HTTP-date <"> + // (https://tools.ietf.org/html/rfc2616#section-14.46) + const host = url.parse(reqOrRes.url).host + const jsonMessage = JSON.stringify(message) + const jsonDate = JSON.stringify(new Date().toUTCString()) + const header = replace ? 'set' : 'append' + + reqOrRes.headers[header]( + 'Warning', + `${code} ${host} ${jsonMessage} ${jsonDate}` + ) +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..d24e026914c23 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,214 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..7fe5dacc94362 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,98 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gid': {}, + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'uid': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..4ba3c19243471 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,193 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout, + uid: opts.uid, + gid: opts.gid + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json b/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..03a83cc056a51 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^3.8.0", + "_id": "npm-registry-fetch@3.9.1", + "_inBundle": false, + "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_location": "/npm-profile/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^3.8.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^3.8.0", + "saveSpec": null, + "fetchSpec": "^3.8.0" + }, + "_requiredBy": [ + "/npm-profile" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", + "_spec": "npm-registry-fetch@^3.8.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/npm-profile", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^11.3.3", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.9.1" +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/npm-registry-fetch/CHANGELOG.md index d24e026914c23..fc6ba4f7e3fec 100644 --- a/node_modules/npm-registry-fetch/CHANGELOG.md +++ b/node_modules/npm-registry-fetch/CHANGELOG.md @@ -2,6 +2,20 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + ## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) diff --git a/node_modules/npm-registry-fetch/config.js b/node_modules/npm-registry-fetch/config.js index 7fe5dacc94362..1c43b26eadd4c 100644 --- a/node_modules/npm-registry-fetch/config.js +++ b/node_modules/npm-registry-fetch/config.js @@ -19,7 +19,6 @@ module.exports = figgyPudding({ 'fetch-retry-mintimeout': {}, 'force-auth': {}, forceAuth: 'force-auth', - 'gid': {}, 'gzip': {}, 'headers': {}, 'https-proxy': {}, @@ -77,7 +76,6 @@ module.exports = figgyPudding({ 'spec': {}, 'strict-ssl': {}, 'timeout': {}, - 'uid': {}, 'user-agent': { default: `${ pkg.name diff --git a/node_modules/npm-registry-fetch/index.js b/node_modules/npm-registry-fetch/index.js index 4ba3c19243471..c18487388b269 100644 --- a/node_modules/npm-registry-fetch/index.js +++ b/node_modules/npm-registry-fetch/index.js @@ -99,9 +99,7 @@ function regFetch (uri, opts) { maxTimeout: opts['fetch-retry-maxtimeout'] }, strictSSL: !!opts['strict-ssl'], - timeout: opts.timeout, - uid: opts.uid, - gid: opts.gid + timeout: opts.timeout }).then(res => checkResponse( opts.method || 'GET', res, registry, startTime, opts ))) diff --git a/node_modules/npm-registry-fetch/package.json b/node_modules/npm-registry-fetch/package.json index 8502fb763f235..e3fe4088a517e 100644 --- a/node_modules/npm-registry-fetch/package.json +++ b/node_modules/npm-registry-fetch/package.json @@ -1,48 +1,27 @@ { - "_from": "npm-registry-fetch@3.9.1", - "_id": "npm-registry-fetch@3.9.1", + "_from": "npm-registry-fetch@4.0.0", + "_id": "npm-registry-fetch@4.0.0", "_inBundle": false, - "_integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "_integrity": "sha512-Jllq35Jag8dtv0M17ue74XtdQTyqKzuAYGiX9mAjOhkmNjib3bBUgK6mUY61+AHnXeSRobQkpY3/xIOS/omptw==", "_location": "/npm-registry-fetch", - "_phantomChildren": { - "agentkeepalive": "3.4.1", - "cacache": "11.3.3", - "http-cache-semantics": "3.8.1", - "http-proxy-agent": "2.1.0", - "https-proxy-agent": "2.2.1", - "lru-cache": "5.1.1", - "mississippi": "3.0.0", - "node-fetch-npm": "2.0.2", - "promise-retry": "1.1.1", - "socks-proxy-agent": "4.0.1", - "ssri": "6.0.1" - }, + "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "npm-registry-fetch@3.9.1", + "raw": "npm-registry-fetch@4.0.0", "name": "npm-registry-fetch", "escapedName": "npm-registry-fetch", - "rawSpec": "3.9.1", + "rawSpec": "4.0.0", "saveSpec": null, - "fetchSpec": "3.9.1" + "fetchSpec": "4.0.0" }, "_requiredBy": [ "#USER", - "/", - "/libnpm", - "/libnpmaccess", - "/libnpmhook", - "/libnpmorg", - "/libnpmpublish", - "/libnpmsearch", - "/libnpmteam", - "/npm-profile", - "/pacote" + "/" ], - "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", - "_shasum": "00ff6e4e35d3f75a172b332440b53e93f4cb67de", - "_spec": "npm-registry-fetch@3.9.1", + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.0.tgz", + "_shasum": "5ef75845b605855c7964472542c25da172af8677", + "_spec": "npm-registry-fetch@4.0.0", "_where": "/Users/isaacs/dev/npm/cli", "author": { "name": "Kat Marchán", @@ -65,13 +44,13 @@ "bluebird": "^3.5.1", "figgy-pudding": "^3.4.1", "lru-cache": "^5.1.1", - "make-fetch-happen": "^4.0.2", + "make-fetch-happen": "^5.0.0", "npm-package-arg": "^6.1.0" }, "deprecated": false, "description": "Fetch-based http client for use with npm registry APIs", "devDependencies": { - "cacache": "^11.3.3", + "cacache": "^12.0.0", "get-stream": "^4.0.0", "mkdirp": "^0.5.1", "nock": "^9.4.3", @@ -110,5 +89,5 @@ "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" }, - "version": "3.9.1" + "version": "4.0.0" } diff --git a/node_modules/pacote/node_modules/cacache/CHANGELOG.md b/node_modules/pacote/node_modules/cacache/CHANGELOG.md new file mode 100644 index 0000000000000..b444fa022667a --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/CHANGELOG.md @@ -0,0 +1,637 @@ +# Changelog + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +## [12.0.0](https://github.com/zkat/cacache/compare/v11.3.3...v12.0.0) (2019-07-15) + + +### Features + +* infer uid/gid instead of accepting as options ([ac84d14](https://github.com/zkat/cacache/commit/ac84d14)) +* **i18n:** add another error message ([676cb32](https://github.com/zkat/cacache/commit/676cb32)) + + +### BREAKING CHANGES + +* the uid gid options are no longer respected or +necessary. As of this change, cacache will always match the cache +contents to the ownership of the cache directory (or its parent +directory), regardless of what the caller passes in. + +Reasoning: + +The number one reason to use a uid or gid option was to keep root-owned +files from causing problems in the cache. In npm's case, this meant +that CLI's ./lib/command.js had to work out the appropriate uid and gid, +then pass it to the libnpmcommand module, which had to in turn pass the +uid and gid to npm-registry-fetch, which then passed it to +make-fetch-happen, which passed it to cacache. (For package fetching, +pacote would be in that mix as well.) + +Added to that, `cacache.rm()` will actually _write_ a file into the +cache index, but has no way to accept an option so that its call to +entry-index.js will write the index with the appropriate uid/gid. +Little ownership bugs were all over the place, and tricky to trace +through. (Why should make-fetch-happen even care about accepting or +passing uids and gids? It's an http library.) + +This change allows us to keep the cache from having mixed ownership in +any situation. + +Of course, this _does_ mean that if you have a root-owned but +user-writable folder (for example, `/tmp`), then the cache will try to +chown everything to root. + +The solution is for the user to create a folder, make it user-owned, and +use that, rather than relying on cacache to create the root cache folder. + +If we decide to restore the uid/gid opts, and use ownership inferrence +only when uid/gid are unset, then take care to also make rm take an +option object, and pass it through to entry-index.js. + + + +### [11.3.3](https://github.com/zkat/cacache/compare/v11.3.2...v11.3.3) (2019-06-17) + + +### Bug Fixes + +* **audit:** npm audit fix ([200a6d5](https://github.com/zkat/cacache/commit/200a6d5)) +* **config:** Add ssri config 'error' option ([#146](https://github.com/zkat/cacache/issues/146)) ([47de8f5](https://github.com/zkat/cacache/commit/47de8f5)) +* **deps:** npm audit fix ([481a7dc](https://github.com/zkat/cacache/commit/481a7dc)) +* **standard:** standard --fix ([7799149](https://github.com/zkat/cacache/commit/7799149)) +* **write:** avoid another cb never called situation ([5156561](https://github.com/zkat/cacache/commit/5156561)) + + + + +## [11.3.2](https://github.com/zkat/cacache/compare/v11.3.1...v11.3.2) (2018-12-21) + + +### Bug Fixes + +* **get:** make sure to handle errors in the .then ([b10bcd0](https://github.com/zkat/cacache/commit/b10bcd0)) + + + + +## [11.3.1](https://github.com/zkat/cacache/compare/v11.3.0...v11.3.1) (2018-11-05) + + +### Bug Fixes + +* **get:** export hasContent.sync properly ([d76c920](https://github.com/zkat/cacache/commit/d76c920)) + + + + +# [11.3.0](https://github.com/zkat/cacache/compare/v11.2.0...v11.3.0) (2018-11-05) + + +### Features + +* **get:** add sync API for reading ([db1e094](https://github.com/zkat/cacache/commit/db1e094)) + + + + +# [11.2.0](https://github.com/zkat/cacache/compare/v11.1.0...v11.2.0) (2018-08-08) + + +### Features + +* **read:** add sync support to other internal read.js fns ([fe638b6](https://github.com/zkat/cacache/commit/fe638b6)) + + + + +# [11.1.0](https://github.com/zkat/cacache/compare/v11.0.3...v11.1.0) (2018-08-01) + + +### Features + +* **read:** add sync support for low-level content read ([b43af83](https://github.com/zkat/cacache/commit/b43af83)) + + + + +## [11.0.3](https://github.com/zkat/cacache/compare/v11.0.2...v11.0.3) (2018-08-01) + + +### Bug Fixes + +* **config:** add ssri config options ([#136](https://github.com/zkat/cacache/issues/136)) ([10d5d9a](https://github.com/zkat/cacache/commit/10d5d9a)) +* **perf:** refactor content.read to avoid lstats ([c5ac10e](https://github.com/zkat/cacache/commit/c5ac10e)) +* **test:** oops when removing safe-buffer ([1950490](https://github.com/zkat/cacache/commit/1950490)) + + + + +## [11.0.2](https://github.com/zkat/cacache/compare/v11.0.1...v11.0.2) (2018-05-07) + + +### Bug Fixes + +* **verify:** size param no longer lost in a verify ([#131](https://github.com/zkat/cacache/issues/131)) ([c614a19](https://github.com/zkat/cacache/commit/c614a19)), closes [#130](https://github.com/zkat/cacache/issues/130) + + + + +## [11.0.1](https://github.com/zkat/cacache/compare/v11.0.0...v11.0.1) (2018-04-10) + + + + +# [11.0.0](https://github.com/zkat/cacache/compare/v10.0.4...v11.0.0) (2018-04-09) + + +### Features + +* **opts:** use figgy-pudding for opts ([#128](https://github.com/zkat/cacache/issues/128)) ([33d4eed](https://github.com/zkat/cacache/commit/33d4eed)) + + +### meta + +* drop support for node@4 ([529f347](https://github.com/zkat/cacache/commit/529f347)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [10.0.4](https://github.com/zkat/cacache/compare/v10.0.3...v10.0.4) (2018-02-16) + + + + +## [10.0.3](https://github.com/zkat/cacache/compare/v10.0.2...v10.0.3) (2018-02-16) + + +### Bug Fixes + +* **content:** rethrow aggregate errors as ENOENT ([fa918f5](https://github.com/zkat/cacache/commit/fa918f5)) + + + + +## [10.0.2](https://github.com/zkat/cacache/compare/v10.0.1...v10.0.2) (2018-01-07) + + +### Bug Fixes + +* **ls:** deleted entries could cause a premature stream EOF ([347dc36](https://github.com/zkat/cacache/commit/347dc36)) + + + + +## [10.0.1](https://github.com/zkat/cacache/compare/v10.0.0...v10.0.1) (2017-11-15) + + +### Bug Fixes + +* **move-file:** actually use the fallback to `move-concurrently` (#110) ([073fbe1](https://github.com/zkat/cacache/commit/073fbe1)) + + + + +# [10.0.0](https://github.com/zkat/cacache/compare/v9.3.0...v10.0.0) (2017-10-23) + + +### Features + +* **license:** relicense to ISC (#111) ([fdbb4e5](https://github.com/zkat/cacache/commit/fdbb4e5)) + + +### Performance Improvements + +* more copyFile benchmarks ([63787bb](https://github.com/zkat/cacache/commit/63787bb)) + + +### BREAKING CHANGES + +* **license:** the license has been changed from CC0-1.0 to ISC. + + + + +# [9.3.0](https://github.com/zkat/cacache/compare/v9.2.9...v9.3.0) (2017-10-07) + + +### Features + +* **copy:** added cacache.get.copy api for fast copies (#107) ([067b5f6](https://github.com/zkat/cacache/commit/067b5f6)) + + + + +## [9.2.9](https://github.com/zkat/cacache/compare/v9.2.8...v9.2.9) (2017-06-17) + + + + +## [9.2.8](https://github.com/zkat/cacache/compare/v9.2.7...v9.2.8) (2017-06-05) + + +### Bug Fixes + +* **ssri:** bump ssri for bugfix ([c3232ea](https://github.com/zkat/cacache/commit/c3232ea)) + + + + +## [9.2.7](https://github.com/zkat/cacache/compare/v9.2.6...v9.2.7) (2017-06-05) + + +### Bug Fixes + +* **content:** make verified content completely read-only (#96) ([4131196](https://github.com/zkat/cacache/commit/4131196)) + + + + +## [9.2.6](https://github.com/zkat/cacache/compare/v9.2.5...v9.2.6) (2017-05-31) + + +### Bug Fixes + +* **node:** update ssri to prevent old node 4 crash ([5209ffe](https://github.com/zkat/cacache/commit/5209ffe)) + + + + +## [9.2.5](https://github.com/zkat/cacache/compare/v9.2.4...v9.2.5) (2017-05-25) + + +### Bug Fixes + +* **deps:** fix lockfile issues and bump ssri ([84e1d7e](https://github.com/zkat/cacache/commit/84e1d7e)) + + + + +## [9.2.4](https://github.com/zkat/cacache/compare/v9.2.3...v9.2.4) (2017-05-24) + + +### Bug Fixes + +* **deps:** bumping deps ([bbccb12](https://github.com/zkat/cacache/commit/bbccb12)) + + + + +## [9.2.3](https://github.com/zkat/cacache/compare/v9.2.2...v9.2.3) (2017-05-24) + + +### Bug Fixes + +* **rm:** stop crashing if content is missing on rm ([ac90bc0](https://github.com/zkat/cacache/commit/ac90bc0)) + + + + +## [9.2.2](https://github.com/zkat/cacache/compare/v9.2.1...v9.2.2) (2017-05-14) + + +### Bug Fixes + +* **i18n:** lets pretend this didn't happen ([519b4ee](https://github.com/zkat/cacache/commit/519b4ee)) + + + + +## [9.2.1](https://github.com/zkat/cacache/compare/v9.2.0...v9.2.1) (2017-05-14) + + +### Bug Fixes + +* **docs:** fixing translation messup ([bb9e4f9](https://github.com/zkat/cacache/commit/bb9e4f9)) + + + + +# [9.2.0](https://github.com/zkat/cacache/compare/v9.1.0...v9.2.0) (2017-05-14) + + +### Features + +* **i18n:** add Spanish translation for API ([531f9a4](https://github.com/zkat/cacache/commit/531f9a4)) + + + + +# [9.1.0](https://github.com/zkat/cacache/compare/v9.0.0...v9.1.0) (2017-05-14) + + +### Features + +* **i18n:** Add Spanish translation and i18n setup (#91) ([323b90c](https://github.com/zkat/cacache/commit/323b90c)) + + + + +# [9.0.0](https://github.com/zkat/cacache/compare/v8.0.0...v9.0.0) (2017-04-28) + + +### Bug Fixes + +* **memoization:** actually use the LRU ([0e55dc9](https://github.com/zkat/cacache/commit/0e55dc9)) + + +### Features + +* **memoization:** memoizers can be injected through opts.memoize (#90) ([e5614c7](https://github.com/zkat/cacache/commit/e5614c7)) + + +### BREAKING CHANGES + +* **memoization:** If you were passing an object to opts.memoize, it will now be used as an injected memoization object. If you were only passing booleans and other non-objects through that option, no changes are needed. + + + + +# [8.0.0](https://github.com/zkat/cacache/compare/v7.1.0...v8.0.0) (2017-04-22) + + +### Features + +* **read:** change hasContent to return {sri, size} (#88) ([bad6c49](https://github.com/zkat/cacache/commit/bad6c49)), closes [#87](https://github.com/zkat/cacache/issues/87) + + +### BREAKING CHANGES + +* **read:** hasContent now returns an object with `{sri, size}` instead of `sri`. Use `result.sri` anywhere that needed the old return value. + + + + +# [7.1.0](https://github.com/zkat/cacache/compare/v7.0.5...v7.1.0) (2017-04-20) + + +### Features + +* **size:** handle content size info (#49) ([91230af](https://github.com/zkat/cacache/commit/91230af)) + + + + +## [7.0.5](https://github.com/zkat/cacache/compare/v7.0.4...v7.0.5) (2017-04-18) + + +### Bug Fixes + +* **integrity:** new ssri with fixed integrity stream ([6d13e8e](https://github.com/zkat/cacache/commit/6d13e8e)) +* **write:** wrap stuff in promises to improve errors ([3624fc5](https://github.com/zkat/cacache/commit/3624fc5)) + + + + +## [7.0.4](https://github.com/zkat/cacache/compare/v7.0.3...v7.0.4) (2017-04-15) + + +### Bug Fixes + +* **fix-owner:** throw away ENOENTs on chownr ([d49bbcd](https://github.com/zkat/cacache/commit/d49bbcd)) + + + + +## [7.0.3](https://github.com/zkat/cacache/compare/v7.0.2...v7.0.3) (2017-04-05) + + +### Bug Fixes + +* **read:** fixing error message for integrity verification failures ([9d4f0a5](https://github.com/zkat/cacache/commit/9d4f0a5)) + + + + +## [7.0.2](https://github.com/zkat/cacache/compare/v7.0.1...v7.0.2) (2017-04-03) + + +### Bug Fixes + +* **integrity:** use EINTEGRITY error code and update ssri ([8dc2e62](https://github.com/zkat/cacache/commit/8dc2e62)) + + + + +## [7.0.1](https://github.com/zkat/cacache/compare/v7.0.0...v7.0.1) (2017-04-03) + + +### Bug Fixes + +* **docs:** fix header name conflict in readme ([afcd456](https://github.com/zkat/cacache/commit/afcd456)) + + + + +# [7.0.0](https://github.com/zkat/cacache/compare/v6.3.0...v7.0.0) (2017-04-03) + + +### Bug Fixes + +* **test:** fix content.write tests when running in docker ([d2e9b6a](https://github.com/zkat/cacache/commit/d2e9b6a)) + + +### Features + +* **integrity:** subresource integrity support (#78) ([b1e731f](https://github.com/zkat/cacache/commit/b1e731f)) + + +### BREAKING CHANGES + +* **integrity:** The entire API has been overhauled to use SRI hashes instead of digest/hashAlgorithm pairs. SRI hashes follow the Subresource Integrity standard and support strings and objects compatible with [`ssri`](https://npm.im/ssri). + +* This change bumps the index version, which will invalidate all previous index entries. Content entries will remain intact, and existing caches will automatically reuse any content from before this breaking change. + +* `cacache.get.info()`, `cacache.ls()`, and `cacache.ls.stream()` will now return objects that looks like this: + +``` +{ + key: String, + integrity: '-', + path: ContentPath, + time: Date, + metadata: Any +} +``` + +* `opts.digest` and `opts.hashAlgorithm` are obsolete for any API calls that used them. + +* Anywhere `opts.digest` was accepted, `opts.integrity` is now an option. Any valid SRI hash is accepted here -- multiple hash entries will be resolved according to the standard: first, the "strongest" hash algorithm will be picked, and then each of the entries for that algorithm will be matched against the content. Content will be validated if *any* of the entries match (so, a single integrity string can be used for multiple "versions" of the same document/data). + +* `put.byDigest()`, `put.stream.byDigest`, `get.byDigest()` and `get.stream.byDigest()` now expect an SRI instead of a `digest` + `opts.hashAlgorithm` pairing. + +* `get.hasContent()` now expects an integrity hash instead of a digest. If content exists, it will return the specific single integrity hash that was found in the cache. + +* `verify()` has learned to handle integrity-based caches, and forgotten how to handle old-style cache indices due to the format change. + +* `cacache.rm.content()` now expects an integrity hash instead of a hex digest. + + + + +# [6.3.0](https://github.com/zkat/cacache/compare/v6.2.0...v6.3.0) (2017-04-01) + + +### Bug Fixes + +* **fixOwner:** ignore EEXIST race condition from mkdirp ([4670e9b](https://github.com/zkat/cacache/commit/4670e9b)) +* **index:** ignore index removal races when inserting ([b9d2fa2](https://github.com/zkat/cacache/commit/b9d2fa2)) +* **memo:** use lru-cache for better mem management (#75) ([d8ac5aa](https://github.com/zkat/cacache/commit/d8ac5aa)) + + +### Features + +* **dependencies:** Switch to move-concurrently (#77) ([dc6482d](https://github.com/zkat/cacache/commit/dc6482d)) + + + + +# [6.2.0](https://github.com/zkat/cacache/compare/v6.1.2...v6.2.0) (2017-03-15) + + +### Bug Fixes + +* **index:** additional bucket entry verification with checksum (#72) ([f8e0f25](https://github.com/zkat/cacache/commit/f8e0f25)) +* **verify:** return fixOwner.chownr promise ([6818521](https://github.com/zkat/cacache/commit/6818521)) + + +### Features + +* **tmp:** safe tmp dir creation/management util (#73) ([c42da71](https://github.com/zkat/cacache/commit/c42da71)) + + + + +## [6.1.2](https://github.com/zkat/cacache/compare/v6.1.1...v6.1.2) (2017-03-13) + + +### Bug Fixes + +* **index:** set default hashAlgorithm ([d6eb2f0](https://github.com/zkat/cacache/commit/d6eb2f0)) + + + + +## [6.1.1](https://github.com/zkat/cacache/compare/v6.1.0...v6.1.1) (2017-03-13) + + +### Bug Fixes + +* **coverage:** bumping coverage for verify (#71) ([0b7faf6](https://github.com/zkat/cacache/commit/0b7faf6)) +* **deps:** glob should have been a regular dep :< ([0640bc4](https://github.com/zkat/cacache/commit/0640bc4)) + + + + +# [6.1.0](https://github.com/zkat/cacache/compare/v6.0.2...v6.1.0) (2017-03-12) + + +### Bug Fixes + +* **coverage:** more coverage for content reads (#70) ([ef4f70a](https://github.com/zkat/cacache/commit/ef4f70a)) +* **tests:** use safe-buffer because omfg (#69) ([6ab8132](https://github.com/zkat/cacache/commit/6ab8132)) + + +### Features + +* **rm:** limited rm.all and fixed bugs (#66) ([d5d25ba](https://github.com/zkat/cacache/commit/d5d25ba)), closes [#66](https://github.com/zkat/cacache/issues/66) +* **verify:** tested, working cache verifier/gc (#68) ([45ad77a](https://github.com/zkat/cacache/commit/45ad77a)) + + + + +## [6.0.2](https://github.com/zkat/cacache/compare/v6.0.1...v6.0.2) (2017-03-11) + + +### Bug Fixes + +* **index:** segment cache items with another subbucket (#64) ([c3644e5](https://github.com/zkat/cacache/commit/c3644e5)) + + + + +## [6.0.1](https://github.com/zkat/cacache/compare/v6.0.0...v6.0.1) (2017-03-05) + + +### Bug Fixes + +* **docs:** Missed spots in README ([8ffb7fa](https://github.com/zkat/cacache/commit/8ffb7fa)) + + + + +# [6.0.0](https://github.com/zkat/cacache/compare/v5.0.3...v6.0.0) (2017-03-05) + + +### Bug Fixes + +* **api:** keep memo cache mostly-internal ([2f72d0a](https://github.com/zkat/cacache/commit/2f72d0a)) +* **content:** use the rest of the string, not the whole string ([fa8f3c3](https://github.com/zkat/cacache/commit/fa8f3c3)) +* **deps:** removed `format-number[@2](https://github.com/2).0.2` ([1187791](https://github.com/zkat/cacache/commit/1187791)) +* **deps:** removed inflight[@1](https://github.com/1).0.6 ([0d1819c](https://github.com/zkat/cacache/commit/0d1819c)) +* **deps:** rimraf[@2](https://github.com/2).6.1 ([9efab6b](https://github.com/zkat/cacache/commit/9efab6b)) +* **deps:** standard[@9](https://github.com/9).0.0 ([4202cba](https://github.com/zkat/cacache/commit/4202cba)) +* **deps:** tap[@10](https://github.com/10).3.0 ([aa03088](https://github.com/zkat/cacache/commit/aa03088)) +* **deps:** weallcontribute[@1](https://github.com/1).0.8 ([ad4f4dc](https://github.com/zkat/cacache/commit/ad4f4dc)) +* **docs:** add security note to hashKey ([03f81ba](https://github.com/zkat/cacache/commit/03f81ba)) +* **hashes:** change default hashAlgorithm to sha512 ([ea00ba6](https://github.com/zkat/cacache/commit/ea00ba6)) +* **hashes:** missed a spot for hashAlgorithm defaults ([45997d8](https://github.com/zkat/cacache/commit/45997d8)) +* **index:** add length header before JSON for verification ([fb8cb4d](https://github.com/zkat/cacache/commit/fb8cb4d)) +* **index:** change index filenames to sha1s of keys ([bbc5fca](https://github.com/zkat/cacache/commit/bbc5fca)) +* **index:** who cares about race conditions anyway ([b1d3888](https://github.com/zkat/cacache/commit/b1d3888)) +* **perf:** bulk-read get+read for massive speed ([d26cdf9](https://github.com/zkat/cacache/commit/d26cdf9)) +* **perf:** use bulk file reads for index reads ([79a8891](https://github.com/zkat/cacache/commit/79a8891)) +* **put-stream:** remove tmp file on stream insert error ([65f6632](https://github.com/zkat/cacache/commit/65f6632)) +* **put-stream:** robustified and predictibilized ([daf9e08](https://github.com/zkat/cacache/commit/daf9e08)) +* **put-stream:** use new promise API for moves ([1d36013](https://github.com/zkat/cacache/commit/1d36013)) +* **readme:** updated to reflect new default hashAlgo ([c60a2fa](https://github.com/zkat/cacache/commit/c60a2fa)) +* **verify:** tiny typo fix ([db22d05](https://github.com/zkat/cacache/commit/db22d05)) + + +### Features + +* **api:** converted external api ([7bf032f](https://github.com/zkat/cacache/commit/7bf032f)) +* **cacache:** exported clearMemoized() utility ([8d2c5b6](https://github.com/zkat/cacache/commit/8d2c5b6)) +* **cache:** add versioning to content and index ([31bc549](https://github.com/zkat/cacache/commit/31bc549)) +* **content:** collate content files into subdirs ([c094d9f](https://github.com/zkat/cacache/commit/c094d9f)) +* **deps:** [@npmcorp](https://github.com/npmcorp)/move[@1](https://github.com/1).0.0 ([bdd00bf](https://github.com/zkat/cacache/commit/bdd00bf)) +* **deps:** bluebird[@3](https://github.com/3).4.7 ([3a17aff](https://github.com/zkat/cacache/commit/3a17aff)) +* **deps:** promise-inflight[@1](https://github.com/1).0.1 ([a004fe6](https://github.com/zkat/cacache/commit/a004fe6)) +* **get:** added memoization support for get ([c77d794](https://github.com/zkat/cacache/commit/c77d794)) +* **get:** export hasContent ([2956ec3](https://github.com/zkat/cacache/commit/2956ec3)) +* **index:** add hashAlgorithm and format insert ret val ([b639746](https://github.com/zkat/cacache/commit/b639746)) +* **index:** collate index files into subdirs ([e8402a5](https://github.com/zkat/cacache/commit/e8402a5)) +* **index:** promisify entry index ([cda3335](https://github.com/zkat/cacache/commit/cda3335)) +* **memo:** added memoization lib ([da07b92](https://github.com/zkat/cacache/commit/da07b92)) +* **memo:** export memoization api ([954b1b3](https://github.com/zkat/cacache/commit/954b1b3)) +* **move-file:** add move fallback for weird errors ([5cf4616](https://github.com/zkat/cacache/commit/5cf4616)) +* **perf:** bulk content write api ([51b536e](https://github.com/zkat/cacache/commit/51b536e)) +* **put:** added memoization support to put ([b613a70](https://github.com/zkat/cacache/commit/b613a70)) +* **read:** switched to promises ([a869362](https://github.com/zkat/cacache/commit/a869362)) +* **rm:** added memoization support to rm ([4205cf0](https://github.com/zkat/cacache/commit/4205cf0)) +* **rm:** switched to promises ([a000d24](https://github.com/zkat/cacache/commit/a000d24)) +* **util:** promise-inflight ownership fix requests ([9517cd7](https://github.com/zkat/cacache/commit/9517cd7)) +* **util:** use promises for api ([ae204bb](https://github.com/zkat/cacache/commit/ae204bb)) +* **verify:** converted to Promises ([f0b3974](https://github.com/zkat/cacache/commit/f0b3974)) + + +### BREAKING CHANGES + +* cache: index/content directories are now versioned. Previous caches are no longer compatible and cannot be migrated. +* util: fix-owner now uses Promises instead of callbacks +* index: Previously-generated index entries are no longer compatible and the index must be regenerated. +* index: The index format has changed and previous caches are no longer compatible. Existing caches will need to be regenerated. +* hashes: Default hashAlgorithm changed from sha1 to sha512. If you +rely on the prior setting, pass `opts.hashAlgorithm` in explicitly. +* content: Previously-generated content directories are no longer compatible +and must be regenerated. +* verify: API is now promise-based +* read: Switches to a Promise-based API and removes callback stuff +* rm: Switches to a Promise-based API and removes callback stuff +* index: this changes the API to work off promises instead of callbacks +* api: this means we are going all in on promises now diff --git a/node_modules/pacote/node_modules/cacache/LICENSE.md b/node_modules/pacote/node_modules/cacache/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/pacote/node_modules/cacache/README.es.md b/node_modules/pacote/node_modules/cacache/README.es.md new file mode 100644 index 0000000000000..55007e20dd4f1 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/README.es.md @@ -0,0 +1,628 @@ +# cacache [![npm version](https://img.shields.io/npm/v/cacache.svg)](https://npm.im/cacache) [![license](https://img.shields.io/npm/l/cacache.svg)](https://npm.im/cacache) [![Travis](https://img.shields.io/travis/zkat/cacache.svg)](https://travis-ci.org/zkat/cacache) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/cacache?svg=true)](https://ci.appveyor.com/project/zkat/cacache) [![Coverage Status](https://coveralls.io/repos/github/zkat/cacache/badge.svg?branch=latest)](https://coveralls.io/github/zkat/cacache?branch=latest) + +[`cacache`](https://github.com/zkat/cacache) es una librería de Node.js para +manejar caches locales en disco, con acceso tanto con claves únicas como +direcciones de contenido (hashes/hacheos). Es súper rápida, excelente con el +acceso concurrente, y jamás te dará datos incorrectos, aún si se corrompen o +manipulan directamente los ficheros del cache. + +El propósito original era reemplazar el caché local de +[npm](https://npm.im/npm), pero se puede usar por su propia cuenta. + +_Traducciones: [English](README.md)_ + +## Instalación + +`$ npm install --save cacache` + +## Índice + +* [Ejemplo](#ejemplo) +* [Características](#características) +* [Cómo Contribuir](#cómo-contribuir) +* [API](#api) + * [Usando el API en español](#localized-api) + * Leer + * [`ls`](#ls) + * [`ls.flujo`](#ls-stream) + * [`saca`](#get-data) + * [`saca.flujo`](#get-stream) + * [`saca.info`](#get-info) + * [`saca.tieneDatos`](#get-hasContent) + * Escribir + * [`mete`](#put-data) + * [`mete.flujo`](#put-stream) + * [opciones para `mete*`](#put-options) + * [`rm.todo`](#rm-all) + * [`rm.entrada`](#rm-entry) + * [`rm.datos`](#rm-content) + * Utilidades + * [`ponLenguaje`](#set-locale) + * [`limpiaMemoizado`](#clear-memoized) + * [`tmp.hazdir`](#tmp-mkdir) + * [`tmp.conTmp`](#with-tmp) + * Integridad + * [Subresource Integrity](#integrity) + * [`verifica`](#verify) + * [`verifica.ultimaVez`](#verify-last-run) + +### Ejemplo + +```javascript +const cacache = require('cacache/es') +const fs = require('fs') + +const tarbol = '/ruta/a/mi-tar.tgz' +const rutaCache = '/tmp/my-toy-cache' +const clave = 'mi-clave-única-1234' + +// ¡Añádelo al caché! Usa `rutaCache` como raíz del caché. +cacache.mete(rutaCache, clave, '10293801983029384').then(integrity => { + console.log(`Saved content to ${rutaCache}.`) +}) + +const destino = '/tmp/mytar.tgz' + +// Copia el contenido del caché a otro fichero, pero esta vez con flujos. +cacache.saca.flujo( + rutaCache, clave +).pipe( + fs.createWriteStream(destino) +).on('finish', () => { + console.log('extracción completada') +}) + +// La misma cosa, pero accesando el contenido directamente, sin tocar el índice. +cacache.saca.porHacheo(rutaCache, integridad).then(datos => { + fs.writeFile(destino, datos, err => { + console.log('datos del tarbol sacados basado en su sha512, y escrito a otro fichero') + }) +}) +``` + +### Características + +* Extracción por clave o por dirección de contenido (shasum, etc) +* Usa el estándard de web, [Subresource Integrity](#integrity) +* Compatible con multiples algoritmos - usa sha1, sha512, etc, en el mismo caché sin problema +* Entradas con contenido idéntico comparten ficheros +* Tolerancia de fallas (inmune a corrupción, ficheros parciales, carreras de proceso, etc) +* Verificación completa de datos cuando (escribiendo y leyendo) +* Concurrencia rápida, segura y "lockless" +* Compatible con `stream`s (flujos) +* Compatible con `Promise`s (promesas) +* Bastante rápida -- acceso, incluyendo verificación, en microsegundos +* Almacenaje de metadatos arbitrarios +* Colección de basura y verificación adicional fuera de banda +* Cobertura rigurosa de pruebas +* Probablente hay un "Bloom filter" por ahí en algún lado. Eso le mola a la gente, ¿Verdad? 🤔 + +### Cómo Contribuir + +El equipo de cacache felizmente acepta contribuciones de código y otras maneras de participación. ¡Hay muchas formas diferentes de contribuir! La [Guía de Colaboradores](CONTRIBUTING.md) (en inglés) tiene toda la información que necesitas para cualquier tipo de contribución: todo desde cómo reportar errores hasta cómo someter parches con nuevas características. Con todo y eso, no se preocupe por si lo que haces está exáctamente correcto: no hay ningún problema en hacer preguntas si algo no está claro, o no lo encuentras. + +El equipo de cacache tiene miembros hispanohablantes: es completamente aceptable crear `issues` y `pull requests` en español/castellano. + +Todos los participantes en este proyecto deben obedecer el [Código de Conducta](CODE_OF_CONDUCT.md) (en inglés), y en general actuar de forma amable y respetuosa mientras participan en esta comunidad. + +Por favor refiérase al [Historial de Cambios](CHANGELOG.md) (en inglés) para detalles sobre cambios importantes incluídos en cada versión. + +Finalmente, cacache tiene un sistema de localización de lenguaje. Si te interesa añadir lenguajes o mejorar los que existen, mira en el directorio `./locales` para comenzar. + +Happy hacking! + +### API + +#### Usando el API en español + +cacache incluye una traducción completa de su API al castellano, con las mismas +características. Para usar el API como está documentado en este documento, usa +`require('cacache/es')` + +cacache también tiene otros lenguajes: encuéntralos bajo `./locales`, y podrás +usar el API en ese lenguaje con `require('cacache/')` + +#### `> cacache.ls(cache) -> Promise` + +Enumera todas las entradas en el caché, dentro de un solo objeto. Cada entrada +en el objeto tendrá como clave la clave única usada para el índice, el valor +siendo un objeto de [`saca.info`](#get-info). + +##### Ejemplo + +```javascript +cacache.ls(rutaCache).then(console.log) +// Salida +{ + 'my-thing': { + key: 'my-thing', + integrity: 'sha512-BaSe64/EnCoDED+HAsh==' + path: '.testcache/content/deadbeef', // unido con `rutaCache` + time: 12345698490, + size: 4023948, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } + }, + 'other-thing': { + key: 'other-thing', + integrity: 'sha1-ANothER+hasH=', + path: '.testcache/content/bada55', + time: 11992309289, + size: 111112 + } +} +``` + +#### `> cacache.ls.flujo(cache) -> Readable` + +Enumera todas las entradas en el caché, emitiendo un objeto de +[`saca.info`](#get-info) por cada evento de `data` en el flujo. + +##### Ejemplo + +```javascript +cacache.ls.flujo(rutaCache).on('data', console.log) +// Salida +{ + key: 'my-thing', + integrity: 'sha512-BaSe64HaSh', + path: '.testcache/content/deadbeef', // unido con `rutaCache` + time: 12345698490, + size: 13423, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} + +{ + key: 'other-thing', + integrity: 'whirlpool-WoWSoMuchSupport', + path: '.testcache/content/bada55', + time: 11992309289, + size: 498023984029 +} + +{ + ... +} +``` + +#### `> cacache.saca(cache, clave, [ops]) -> Promise({data, metadata, integrity})` + +Devuelve un objeto con los datos, hacheo de integridad y metadatos identificados +por la `clave`. La propiedad `data` de este objeto será una instancia de +`Buffer` con los datos almacenados en el caché. to do with it! cacache just +won't care. + +`integrity` es un `string` de [Subresource Integrity](#integrity). Dígase, un +`string` que puede ser usado para verificar a la `data`, que tiene como formato +`-`. + +So no existe ninguna entrada identificada por `clave`, o se los datos +almacenados localmente fallan verificación, el `Promise` fallará. + +Una sub-función, `saca.porHacheo`, tiene casi el mismo comportamiento, excepto +que busca entradas usando el hacheo de integridad, sin tocar el índice general. +Esta versión *sólo* devuelve `data`, sin ningún objeto conteniéndola. + +##### Nota + +Esta función lee la entrada completa a la memoria antes de devolverla. Si estás +almacenando datos Muy Grandes, es posible que [`saca.flujo`](#get-stream) sea +una mejor solución. + +##### Ejemplo + +```javascript +// Busca por clave +cache.saca(rutaCache, 'my-thing').then(console.log) +// Salida: +{ + metadata: { + thingName: 'my' + }, + integrity: 'sha512-BaSe64HaSh', + data: Buffer#, + size: 9320 +} + +// Busca por hacheo +cache.saca.porHacheo(rutaCache, 'sha512-BaSe64HaSh').then(console.log) +// Salida: +Buffer# +``` + +#### `> cacache.saca.flujo(cache, clave, [ops]) -> Readable` + +Devuelve un [Readable +Stream](https://nodejs.org/api/stream.html#stream_readable_streams) de los datos +almacenados bajo `clave`. + +So no existe ninguna entrada identificada por `clave`, o se los datos +almacenados localmente fallan verificación, el `Promise` fallará. + +`metadata` y `integrity` serán emitidos como eventos antes de que el flujo +cierre. + +Una sub-función, `saca.flujo.porHacheo`, tiene casi el mismo comportamiento, +excepto que busca entradas usando el hacheo de integridad, sin tocar el índice +general. Esta versión no emite eventos de `metadata` o `integrity`. + +##### Ejemplo + +```javascript +// Busca por clave +cache.saca.flujo( + rutaCache, 'my-thing' +).on('metadata', metadata => { + console.log('metadata:', metadata) +}).on('integrity', integrity => { + console.log('integrity:', integrity) +}).pipe( + fs.createWriteStream('./x.tgz') +) +// Salidas: +metadata: { ... } +integrity: 'sha512-SoMeDIGest+64==' + +// Busca por hacheo +cache.saca.flujo.porHacheo( + rutaCache, 'sha512-SoMeDIGest+64==' +).pipe( + fs.createWriteStream('./x.tgz') +) +``` + +#### `> cacache.saca.info(cache, clave) -> Promise` + +Busca la `clave` en el índice del caché, devolviendo información sobre la +entrada si existe. + +##### Campos + +* `key` - Clave de la entrada. Igual al argumento `clave`. +* `integrity` - [hacheo de Subresource Integrity](#integrity) del contenido al que se refiere esta entrada. +* `path` - Dirección del fichero de datos almacenados, unida al argumento `cache`. +* `time` - Hora de creación de la entrada +* `metadata` - Metadatos asignados a esta entrada por el usuario + +##### Ejemplo + +```javascript +cacache.saca.info(rutaCache, 'my-thing').then(console.log) + +// Salida +{ + key: 'my-thing', + integrity: 'sha256-MUSTVERIFY+ALL/THINGS==' + path: '.testcache/content/deadbeef', + time: 12345698490, + size: 849234, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} +``` + +#### `> cacache.saca.tieneDatos(cache, integrity) -> Promise` + +Busca un [hacheo Subresource Integrity](#integrity) en el caché. Si existe el +contenido asociado con `integrity`, devuelve un objeto con dos campos: el hacheo +_específico_ que se usó para la búsqueda, `sri`, y el tamaño total del +contenido, `size`. Si no existe ningún contenido asociado con `integrity`, +devuelve `false`. + +##### Ejemplo + +```javascript +cacache.saca.tieneDatos(rutaCache, 'sha256-MUSTVERIFY+ALL/THINGS==').then(console.log) + +// Salida +{ + sri: { + source: 'sha256-MUSTVERIFY+ALL/THINGS==', + algorithm: 'sha256', + digest: 'MUSTVERIFY+ALL/THINGS==', + options: [] + }, + size: 9001 +} + +cacache.saca.tieneDatos(rutaCache, 'sha521-NOT+IN/CACHE==').then(console.log) + +// Salida +false +``` + +#### `> cacache.mete(cache, clave, datos, [ops]) -> Promise` + +Inserta `datos` en el caché. El `Promise` devuelto se resuelve con un hacheo +(generado conforme a [`ops.algorithms`](#optsalgorithms)) después que la entrada +haya sido escrita en completo. + +##### Ejemplo + +```javascript +fetch( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).then(datos => { + return cacache.mete(rutaCache, 'registry.npmjs.org|cacache@1.0.0', datos) +}).then(integridad => { + console.log('el hacheo de integridad es', integridad) +}) +``` + +#### `> cacache.mete.flujo(cache, clave, [ops]) -> Writable` + +Devuelve un [Writable +Stream](https://nodejs.org/api/stream.html#stream_writable_streams) que inserta +al caché los datos escritos a él. Emite un evento `integrity` con el hacheo del +contenido escrito, cuando completa. + +##### Ejemplo + +```javascript +request.get( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).pipe( + cacache.mete.flujo( + rutaCache, 'registry.npmjs.org|cacache@1.0.0' + ).on('integrity', d => console.log(`integrity digest is ${d}`)) +) +``` + +#### `> opciones para cacache.mete` + +La funciones `cacache.mete` tienen un número de opciones en común. + +##### `ops.metadata` + +Metadatos del usuario que se almacenarán con la entrada. + +##### `ops.size` + +El tamaño declarado de los datos que se van a insertar. Si es proveído, cacache +verificará que los datos escritos sean de ese tamaño, o si no, fallará con un +error con código `EBADSIZE`. + +##### `ops.integrity` + +El hacheo de integridad de los datos siendo escritos. + +Si es proveído, y los datos escritos no le corresponden, la operación fallará +con un error con código `EINTEGRITY`. + +`ops.algorithms` no tiene ningún efecto si esta opción está presente. + +##### `ops.algorithms` + +Por Defecto: `['sha512']` + +Algoritmos que se deben usar cuando se calcule el hacheo de [subresource +integrity](#integrity) para los datos insertados. Puede usar cualquier algoritmo +enumerado en `crypto.getHashes()`. + +Por el momento, sólo se acepta un algoritmo (dígase, un array con exáctamente un +valor). No tiene ningún efecto si `ops.integrity` también ha sido proveido. + +##### `ops.uid`/`ops.gid` + +Si están presentes, cacache hará todo lo posible para asegurarse que todos los +ficheros creados en el proceso de sus operaciones en el caché usen esta +combinación en particular. + +##### `ops.memoize` + +Por Defecto: `null` + +Si es verdad, cacache tratará de memoizar los datos de la entrada en memoria. La +próxima vez que el proceso corriente trate de accesar los datos o entrada, +cacache buscará en memoria antes de buscar en disco. + +Si `ops.memoize` es un objeto regular o un objeto como `Map` (es decir, un +objeto con métodos `get()` y `set()`), este objeto en sí sera usado en vez del +caché de memoria global. Esto permite tener lógica específica a tu aplicación +encuanto al almacenaje en memoria de tus datos. + +Si quieres asegurarte que los datos se lean del disco en vez de memoria, usa +`memoize: false` cuando uses funciones de `cacache.saca`. + +#### `> cacache.rm.todo(cache) -> Promise` + +Borra el caché completo, incluyendo ficheros temporeros, ficheros de datos, y el +índice del caché. + +##### Ejemplo + +```javascript +cacache.rm.todo(rutaCache).then(() => { + console.log('THE APOCALYPSE IS UPON US 😱') +}) +``` + +#### `> cacache.rm.entrada(cache, clave) -> Promise` + +Alias: `cacache.rm` + +Borra la entrada `clave` del índuce. El contenido asociado con esta entrada +seguirá siendo accesible por hacheo usando +[`saca.flujo.porHacheo`](#get-stream). + +Para borrar el contenido en sí, usa [`rm.datos`](#rm-content). Si quieres hacer +esto de manera más segura (pues ficheros de contenido pueden ser usados por +multiples entradas), usa [`verifica`](#verify) para borrar huérfanos. + +##### Ejemplo + +```javascript +cacache.rm.entrada(rutaCache, 'my-thing').then(() => { + console.log('I did not like it anyway') +}) +``` + +#### `> cacache.rm.datos(cache, integrity) -> Promise` + +Borra el contenido identificado por `integrity`. Cualquier entrada que se +refiera a este contenido quedarán huérfanas y se invalidarán si se tratan de +accesar, al menos que contenido idéntico sea añadido bajo `integrity`. + +##### Ejemplo + +```javascript +cacache.rm.datos(rutaCache, 'sha512-SoMeDIGest/IN+BaSE64==').then(() => { + console.log('los datos para `mi-cosa` se borraron') +}) +``` + +#### `> cacache.ponLenguaje(locale)` + +Configura el lenguaje usado para mensajes y errores de cacache. La lista de +lenguajes disponibles está en el directorio `./locales` del proyecto. + +_Te interesa añadir más lenguajes? [Somete un PR](CONTRIBUTING.md)!_ + +#### `> cacache.limpiaMemoizado()` + +Completamente reinicializa el caché de memoria interno. Si estás usando tu +propio objecto con `ops.memoize`, debes hacer esto de manera específica a él. + +#### `> tmp.hazdir(cache, ops) -> Promise` + +Alias: `tmp.mkdir` + +Devuelve un directorio único dentro del directorio `tmp` del caché. + +Una vez tengas el directorio, es responsabilidad tuya asegurarte que todos los +ficheros escrito a él sean creados usando los permisos y `uid`/`gid` concordante +con el caché. Si no, puedes pedirle a cacache que lo haga llamando a +[`cacache.tmp.fix()`](#tmp-fix). Esta función arreglará todos los permisos en el +directorio tmp. + +Si quieres que cacache limpie el directorio automáticamente cuando termines, usa +[`cacache.tmp.conTmp()`](#with-tpm). + +##### Ejemplo + +```javascript +cacache.tmp.mkdir(cache).then(dir => { + fs.writeFile(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}) +``` + +#### `> tmp.conTmp(cache, ops, cb) -> Promise` + +Crea un directorio temporero con [`tmp.mkdir()`](#tmp-mkdir) y ejecuta `cb` con +él como primer argumento. El directorio creado será removido automáticamente +cuando el valor devolvido por `cb()` se resuelva. + +Las mismas advertencias aplican en cuanto a manejando permisos para los ficheros +dentro del directorio. + +##### Ejemplo + +```javascript +cacache.tmp.conTmp(cache, dir => { + return fs.writeFileAsync(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}).then(() => { + // `dir` no longer exists +}) +``` + +#### Hacheos de Subresource Integrity + +cacache usa strings que siguen la especificación de [Subresource Integrity +spec](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity). + +Es decir, donde quiera cacache espera un argumento o opción `integrity`, ese +string debería usar el formato `-`. + +Una variación importante sobre los hacheos que cacache acepta es que acepta el +nombre de cualquier algoritmo aceptado por el proceso de Node.js donde se usa. +Puedes usar `crypto.getHashes()` para ver cuales están disponibles. + +##### Generando tus propios hacheos + +Si tienes un `shasum`, en general va a estar en formato de string hexadecimal +(es decir, un `sha1` se vería como algo así: +`5f5513f8822fdbe5145af33b64d8d970dcf95c6e`). + +Para ser compatible con cacache, necesitas convertir esto a su equivalente en +subresource integrity. Por ejemplo, el hacheo correspondiente al ejemplo +anterior sería: `sha1-X1UT+IIv2+UUWvM7ZNjZcNz5XG4=`. + +Puedes usar código así para generarlo por tu cuenta: + +```javascript +const crypto = require('crypto') +const algoritmo = 'sha512' +const datos = 'foobarbaz' + +const integrity = ( + algorithm + + '-' + + crypto.createHash(algoritmo).update(datos).digest('base64') +) +``` + +También puedes usar [`ssri`](https://npm.im/ssri) para deferir el trabajo a otra +librería que garantiza que todo esté correcto, pues maneja probablemente todas +las operaciones que tendrías que hacer con SRIs, incluyendo convirtiendo entre +hexadecimal y el formato SRI. + +#### `> cacache.verifica(cache, ops) -> Promise` + +Examina y arregla tu caché: + +* Limpia entradas inválidas, huérfanas y corrompidas +* Te deja filtrar cuales entradas retener, con tu propio filtro +* Reclama cualquier ficheros de contenido sin referencias en el índice +* Verifica integridad de todos los ficheros de contenido y remueve los malos +* Arregla permisos del caché +* Remieve el directorio `tmp` en el caché, y todo su contenido. + +Cuando termine, devuelve un objeto con varias estadísticas sobre el proceso de +verificación, por ejemplo la cantidad de espacio de disco reclamado, el número +de entradas válidas, número de entradas removidas, etc. + +##### Opciones + +* `ops.uid` - uid para asignarle al caché y su contenido +* `ops.gid` - gid para asignarle al caché y su contenido +* `ops.filter` - recibe una entrada como argumento. Devuelve falso para removerla. Nota: es posible que esta función sea invocada con la misma entrada más de una vez. + +##### Example + +```sh +echo somegarbage >> $RUTACACHE/content/deadbeef +``` + +```javascript +cacache.verifica(rutaCache).then(stats => { + // deadbeef collected, because of invalid checksum. + console.log('cache is much nicer now! stats:', stats) +}) +``` + +#### `> cacache.verifica.ultimaVez(cache) -> Promise` + +Alias: `últimaVez` + +Devuelve un `Date` que representa la última vez que `cacache.verifica` fue +ejecutada en `cache`. + +##### Example + +```javascript +cacache.verifica(rutaCache).then(() => { + cacache.verifica.ultimaVez(rutaCache).then(última => { + console.log('La última vez que se usó cacache.verifica() fue ' + última) + }) +}) +``` diff --git a/node_modules/pacote/node_modules/cacache/README.md b/node_modules/pacote/node_modules/cacache/README.md new file mode 100644 index 0000000000000..7f8ec5eec05ff --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/README.md @@ -0,0 +1,641 @@ +# cacache [![npm version](https://img.shields.io/npm/v/cacache.svg)](https://npm.im/cacache) [![license](https://img.shields.io/npm/l/cacache.svg)](https://npm.im/cacache) [![Travis](https://img.shields.io/travis/npm/cacache.svg)](https://travis-ci.org/npm/cacache) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/npm/cacache?svg=true)](https://ci.appveyor.com/project/npm/cacache) [![Coverage Status](https://coveralls.io/repos/github/npm/cacache/badge.svg?branch=latest)](https://coveralls.io/github/npm/cacache?branch=latest) + +[`cacache`](https://github.com/npm/cacache) is a Node.js library for managing +local key and content address caches. It's really fast, really good at +concurrency, and it will never give you corrupted data, even if cache files +get corrupted or manipulated. + +On systems that support user and group settings on files, cacache will +match the `uid` and `gid` values to the folder where the cache lives, even +when running as `root`. + +It was written to be used as [npm](https://npm.im)'s local cache, but can +just as easily be used on its own. + +_Translations: [español](README.es.md)_ + +## Install + +`$ npm install --save cacache` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [Using localized APIs](#localized-api) + * Reading + * [`ls`](#ls) + * [`ls.stream`](#ls-stream) + * [`get`](#get-data) + * [`get.stream`](#get-stream) + * [`get.info`](#get-info) + * [`get.hasContent`](#get-hasContent) + * Writing + * [`put`](#put-data) + * [`put.stream`](#put-stream) + * [`put*` opts](#put-options) + * [`rm.all`](#rm-all) + * [`rm.entry`](#rm-entry) + * [`rm.content`](#rm-content) + * Utilities + * [`setLocale`](#set-locale) + * [`clearMemoized`](#clear-memoized) + * [`tmp.mkdir`](#tmp-mkdir) + * [`tmp.withTmp`](#with-tmp) + * Integrity + * [Subresource Integrity](#integrity) + * [`verify`](#verify) + * [`verify.lastRun`](#verify-last-run) + +### Example + +```javascript +const cacache = require('cacache/en') +const fs = require('fs') + +const tarball = '/path/to/mytar.tgz' +const cachePath = '/tmp/my-toy-cache' +const key = 'my-unique-key-1234' + +// Cache it! Use `cachePath` as the root of the content cache +cacache.put(cachePath, key, '10293801983029384').then(integrity => { + console.log(`Saved content to ${cachePath}.`) +}) + +const destination = '/tmp/mytar.tgz' + +// Copy the contents out of the cache and into their destination! +// But this time, use stream instead! +cacache.get.stream( + cachePath, key +).pipe( + fs.createWriteStream(destination) +).on('finish', () => { + console.log('done extracting!') +}) + +// The same thing, but skip the key index. +cacache.get.byDigest(cachePath, integrityHash).then(data => { + fs.writeFile(destination, data, err => { + console.log('tarball data fetched based on its sha512sum and written out!') + }) +}) +``` + +### Features + +* Extraction by key or by content address (shasum, etc) +* [Subresource Integrity](#integrity) web standard support +* Multi-hash support - safely host sha1, sha512, etc, in a single cache +* Automatic content deduplication +* Fault tolerance (immune to corruption, partial writes, process races, etc) +* Consistency guarantees on read and write (full data verification) +* Lockless, high-concurrency cache access +* Streaming support +* Promise support +* Pretty darn fast -- sub-millisecond reads and writes including verification +* Arbitrary metadata storage +* Garbage collection and additional offline verification +* Thorough test coverage +* There's probably a bloom filter in there somewhere. Those are cool, right? 🤔 + +### Contributing + +The cacache team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### Using localized APIs + +cacache includes a complete API in English, with the same features as other +translations. To use the English API as documented in this README, use +`require('cacache/en')`. This is also currently the default if you do +`require('cacache')`, but may change in the future. + +cacache also supports other languages! You can find the list of currently +supported ones by looking in `./locales` in the source directory. You can use +the API in that language with `require('cacache/')`. + +Want to add support for a new language? Please go ahead! You should be able to +copy `./locales/en.js` and `./locales/en.json` and fill them in. Translating the +`README.md` is a bit more work, but also appreciated if you get around to it. 👍🏼 + +#### `> cacache.ls(cache) -> Promise` + +Lists info for all entries currently in the cache as a single large object. Each +entry in the object will be keyed by the unique index key, with corresponding +[`get.info`](#get-info) objects as the values. + +##### Example + +```javascript +cacache.ls(cachePath).then(console.log) +// Output +{ + 'my-thing': { + key: 'my-thing', + integrity: 'sha512-BaSe64/EnCoDED+HAsh==' + path: '.testcache/content/deadbeef', // joined with `cachePath` + time: 12345698490, + size: 4023948, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } + }, + 'other-thing': { + key: 'other-thing', + integrity: 'sha1-ANothER+hasH=', + path: '.testcache/content/bada55', + time: 11992309289, + size: 111112 + } +} +``` + +#### `> cacache.ls.stream(cache) -> Readable` + +Lists info for all entries currently in the cache as a single large object. + +This works just like [`ls`](#ls), except [`get.info`](#get-info) entries are +returned as `'data'` events on the returned stream. + +##### Example + +```javascript +cacache.ls.stream(cachePath).on('data', console.log) +// Output +{ + key: 'my-thing', + integrity: 'sha512-BaSe64HaSh', + path: '.testcache/content/deadbeef', // joined with `cachePath` + time: 12345698490, + size: 13423, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} + +{ + key: 'other-thing', + integrity: 'whirlpool-WoWSoMuchSupport', + path: '.testcache/content/bada55', + time: 11992309289, + size: 498023984029 +} + +{ + ... +} +``` + +#### `> cacache.get(cache, key, [opts]) -> Promise({data, metadata, integrity})` + +Returns an object with the cached data, digest, and metadata identified by +`key`. The `data` property of this object will be a `Buffer` instance that +presumably holds some data that means something to you. I'm sure you know what +to do with it! cacache just won't care. + +`integrity` is a [Subresource +Integrity](#integrity) +string. That is, a string that can be used to verify `data`, which looks like +`-`. + +If there is no content identified by `key`, or if the locally-stored data does +not pass the validity checksum, the promise will be rejected. + +A sub-function, `get.byDigest` may be used for identical behavior, except lookup +will happen by integrity hash, bypassing the index entirely. This version of the +function *only* returns `data` itself, without any wrapper. + +##### Note + +This function loads the entire cache entry into memory before returning it. If +you're dealing with Very Large data, consider using [`get.stream`](#get-stream) +instead. + +##### Example + +```javascript +// Look up by key +cache.get(cachePath, 'my-thing').then(console.log) +// Output: +{ + metadata: { + thingName: 'my' + }, + integrity: 'sha512-BaSe64HaSh', + data: Buffer#, + size: 9320 +} + +// Look up by digest +cache.get.byDigest(cachePath, 'sha512-BaSe64HaSh').then(console.log) +// Output: +Buffer# +``` + +#### `> cacache.get.stream(cache, key, [opts]) -> Readable` + +Returns a [Readable Stream](https://nodejs.org/api/stream.html#stream_readable_streams) of the cached data identified by `key`. + +If there is no content identified by `key`, or if the locally-stored data does +not pass the validity checksum, an error will be emitted. + +`metadata` and `integrity` events will be emitted before the stream closes, if +you need to collect that extra data about the cached entry. + +A sub-function, `get.stream.byDigest` may be used for identical behavior, +except lookup will happen by integrity hash, bypassing the index entirely. This +version does not emit the `metadata` and `integrity` events at all. + +##### Example + +```javascript +// Look up by key +cache.get.stream( + cachePath, 'my-thing' +).on('metadata', metadata => { + console.log('metadata:', metadata) +}).on('integrity', integrity => { + console.log('integrity:', integrity) +}).pipe( + fs.createWriteStream('./x.tgz') +) +// Outputs: +metadata: { ... } +integrity: 'sha512-SoMeDIGest+64==' + +// Look up by digest +cache.get.stream.byDigest( + cachePath, 'sha512-SoMeDIGest+64==' +).pipe( + fs.createWriteStream('./x.tgz') +) +``` + +#### `> cacache.get.info(cache, key) -> Promise` + +Looks up `key` in the cache index, returning information about the entry if +one exists. + +##### Fields + +* `key` - Key the entry was looked up under. Matches the `key` argument. +* `integrity` - [Subresource Integrity hash](#integrity) for the content this entry refers to. +* `path` - Filesystem path where content is stored, joined with `cache` argument. +* `time` - Timestamp the entry was first added on. +* `metadata` - User-assigned metadata associated with the entry/content. + +##### Example + +```javascript +cacache.get.info(cachePath, 'my-thing').then(console.log) + +// Output +{ + key: 'my-thing', + integrity: 'sha256-MUSTVERIFY+ALL/THINGS==' + path: '.testcache/content/deadbeef', + time: 12345698490, + size: 849234, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} +``` + +#### `> cacache.get.hasContent(cache, integrity) -> Promise` + +Looks up a [Subresource Integrity hash](#integrity) in the cache. If content +exists for this `integrity`, it will return an object, with the specific single integrity hash +that was found in `sri` key, and the size of the found content as `size`. If no content exists for this integrity, it will return `false`. + +##### Example + +```javascript +cacache.get.hasContent(cachePath, 'sha256-MUSTVERIFY+ALL/THINGS==').then(console.log) + +// Output +{ + sri: { + source: 'sha256-MUSTVERIFY+ALL/THINGS==', + algorithm: 'sha256', + digest: 'MUSTVERIFY+ALL/THINGS==', + options: [] + }, + size: 9001 +} + +cacache.get.hasContent(cachePath, 'sha521-NOT+IN/CACHE==').then(console.log) + +// Output +false +``` + +#### `> cacache.put(cache, key, data, [opts]) -> Promise` + +Inserts data passed to it into the cache. The returned Promise resolves with a +digest (generated according to [`opts.algorithms`](#optsalgorithms)) after the +cache entry has been successfully written. + +##### Example + +```javascript +fetch( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).then(data => { + return cacache.put(cachePath, 'registry.npmjs.org|cacache@1.0.0', data) +}).then(integrity => { + console.log('integrity hash is', integrity) +}) +``` + +#### `> cacache.put.stream(cache, key, [opts]) -> Writable` + +Returns a [Writable +Stream](https://nodejs.org/api/stream.html#stream_writable_streams) that inserts +data written to it into the cache. Emits an `integrity` event with the digest of +written contents when it succeeds. + +##### Example + +```javascript +request.get( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).pipe( + cacache.put.stream( + cachePath, 'registry.npmjs.org|cacache@1.0.0' + ).on('integrity', d => console.log(`integrity digest is ${d}`)) +) +``` + +#### `> cacache.put options` + +`cacache.put` functions have a number of options in common. + +##### `opts.metadata` + +Arbitrary metadata to be attached to the inserted key. + +##### `opts.size` + +If provided, the data stream will be verified to check that enough data was +passed through. If there's more or less data than expected, insertion will fail +with an `EBADSIZE` error. + +##### `opts.integrity` + +If present, the pre-calculated digest for the inserted content. If this option +if provided and does not match the post-insertion digest, insertion will fail +with an `EINTEGRITY` error. + +`algorithms` has no effect if this option is present. + +##### `opts.algorithms` + +Default: ['sha512'] + +Hashing algorithms to use when calculating the [subresource integrity +digest](#integrity) +for inserted data. Can use any algorithm listed in `crypto.getHashes()` or +`'omakase'`/`'お任せします'` to pick a random hash algorithm on each insertion. You +may also use any anagram of `'modnar'` to use this feature. + +Currently only supports one algorithm at a time (i.e., an array length of +exactly `1`). Has no effect if `opts.integrity` is present. + +##### `opts.memoize` + +Default: null + +If provided, cacache will memoize the given cache insertion in memory, bypassing +any filesystem checks for that key or digest in future cache fetches. Nothing +will be written to the in-memory cache unless this option is explicitly truthy. + +If `opts.memoize` is an object or a `Map`-like (that is, an object with `get` +and `set` methods), it will be written to instead of the global memoization +cache. + +Reading from disk data can be forced by explicitly passing `memoize: false` to +the reader functions, but their default will be to read from memory. + +#### `> cacache.rm.all(cache) -> Promise` + +Clears the entire cache. Mainly by blowing away the cache directory itself. + +##### Example + +```javascript +cacache.rm.all(cachePath).then(() => { + console.log('THE APOCALYPSE IS UPON US 😱') +}) +``` + +#### `> cacache.rm.entry(cache, key) -> Promise` + +Alias: `cacache.rm` + +Removes the index entry for `key`. Content will still be accessible if +requested directly by content address ([`get.stream.byDigest`](#get-stream)). + +To remove the content itself (which might still be used by other entries), use +[`rm.content`](#rm-content). Or, to safely vacuum any unused content, use +[`verify`](#verify). + +##### Example + +```javascript +cacache.rm.entry(cachePath, 'my-thing').then(() => { + console.log('I did not like it anyway') +}) +``` + +#### `> cacache.rm.content(cache, integrity) -> Promise` + +Removes the content identified by `integrity`. Any index entries referring to it +will not be usable again until the content is re-added to the cache with an +identical digest. + +##### Example + +```javascript +cacache.rm.content(cachePath, 'sha512-SoMeDIGest/IN+BaSE64==').then(() => { + console.log('data for my-thing is gone!') +}) +``` + +#### `> cacache.setLocale(locale)` + +Configure the language/locale used for messages and errors coming from cacache. +The list of available locales is in the `./locales` directory in the project +root. + +_Interested in contributing more languages! [Submit a PR](CONTRIBUTING.md)!_ + +#### `> cacache.clearMemoized()` + +Completely resets the in-memory entry cache. + +#### `> tmp.mkdir(cache, opts) -> Promise` + +Returns a unique temporary directory inside the cache's `tmp` dir. This +directory will use the same safe user assignment that all the other stuff use. + +Once the directory is made, it's the user's responsibility that all files +within are given the appropriate `gid`/`uid` ownership settings to match +the rest of the cache. If not, you can ask cacache to do it for you by +calling [`tmp.fix()`](#tmp-fix), which will fix all tmp directory +permissions. + +If you want automatic cleanup of this directory, use +[`tmp.withTmp()`](#with-tpm) + +##### Example + +```javascript +cacache.tmp.mkdir(cache).then(dir => { + fs.writeFile(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}) +``` + +#### `> tmp.fix(cache) -> Promise` + +Sets the `uid` and `gid` properties on all files and folders within the tmp +folder to match the rest of the cache. + +Use this after manually writing files into [`tmp.mkdir`](#tmp-mkdir) or +[`tmp.withTmp`](#with-tmp). + +##### Example + +```javascript +cacache.tmp.mkdir(cache).then(dir => { + writeFile(path.join(dir, 'file'), someData).then(() => { + // make sure we didn't just put a root-owned file in the cache + cacache.tmp.fix().then(() => { + // all uids and gids match now + }) + }) +}) +``` + +#### `> tmp.withTmp(cache, opts, cb) -> Promise` + +Creates a temporary directory with [`tmp.mkdir()`](#tmp-mkdir) and calls `cb` +with it. The created temporary directory will be removed when the return value +of `cb()` resolves -- that is, if you return a Promise from `cb()`, the tmp +directory will be automatically deleted once that promise completes. + +The same caveats apply when it comes to managing permissions for the tmp dir's +contents. + +##### Example + +```javascript +cacache.tmp.withTmp(cache, dir => { + return fs.writeFileAsync(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}).then(() => { + // `dir` no longer exists +}) +``` + +#### Subresource Integrity Digests + +For content verification and addressing, cacache uses strings following the +[Subresource +Integrity spec](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity). +That is, any time cacache expects an `integrity` argument or option, it +should be in the format `-`. + +One deviation from the current spec is that cacache will support any hash +algorithms supported by the underlying Node.js process. You can use +`crypto.getHashes()` to see which ones you can use. + +##### Generating Digests Yourself + +If you have an existing content shasum, they are generally formatted as a +hexadecimal string (that is, a sha1 would look like: +`5f5513f8822fdbe5145af33b64d8d970dcf95c6e`). In order to be compatible with +cacache, you'll need to convert this to an equivalent subresource integrity +string. For this example, the corresponding hash would be: +`sha1-X1UT+IIv2+UUWvM7ZNjZcNz5XG4=`. + +If you want to generate an integrity string yourself for existing data, you can +use something like this: + +```javascript +const crypto = require('crypto') +const hashAlgorithm = 'sha512' +const data = 'foobarbaz' + +const integrity = ( + hashAlgorithm + + '-' + + crypto.createHash(hashAlgorithm).update(data).digest('base64') +) +``` + +You can also use [`ssri`](https://npm.im/ssri) to have a richer set of functionality +around SRI strings, including generation, parsing, and translating from existing +hex-formatted strings. + +#### `> cacache.verify(cache, opts) -> Promise` + +Checks out and fixes up your cache: + +* Cleans up corrupted or invalid index entries. +* Custom entry filtering options. +* Garbage collects any content entries not referenced by the index. +* Checks integrity for all content entries and removes invalid content. +* Fixes cache ownership. +* Removes the `tmp` directory in the cache and all its contents. + +When it's done, it'll return an object with various stats about the verification +process, including amount of storage reclaimed, number of valid entries, number +of entries removed, etc. + +##### Options + +* `opts.filter` - receives a formatted entry. Return false to remove it. + Note: might be called more than once on the same entry. + +##### Example + +```sh +echo somegarbage >> $CACHEPATH/content/deadbeef +``` + +```javascript +cacache.verify(cachePath).then(stats => { + // deadbeef collected, because of invalid checksum. + console.log('cache is much nicer now! stats:', stats) +}) +``` + +#### `> cacache.verify.lastRun(cache) -> Promise` + +Returns a `Date` representing the last time `cacache.verify` was run on `cache`. + +##### Example + +```javascript +cacache.verify(cachePath).then(() => { + cacache.verify.lastRun(cachePath).then(lastTime => { + console.log('cacache.verify was last called on' + lastTime) + }) +}) +``` diff --git a/node_modules/pacote/node_modules/cacache/en.js b/node_modules/pacote/node_modules/cacache/en.js new file mode 100644 index 0000000000000..a3db581c9f1fa --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/en.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./locales/en.js') diff --git a/node_modules/pacote/node_modules/cacache/es.js b/node_modules/pacote/node_modules/cacache/es.js new file mode 100644 index 0000000000000..6282363c3bdbf --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/es.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./locales/es.js') diff --git a/node_modules/pacote/node_modules/cacache/get.js b/node_modules/pacote/node_modules/cacache/get.js new file mode 100644 index 0000000000000..008cb83a9ed87 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/get.js @@ -0,0 +1,247 @@ +'use strict' + +const BB = require('bluebird') + +const figgyPudding = require('figgy-pudding') +const fs = require('fs') +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const pipe = require('mississippi').pipe +const pipeline = require('mississippi').pipeline +const read = require('./lib/content/read') +const through = require('mississippi').through + +const GetOpts = figgyPudding({ + integrity: {}, + memoize: {}, + size: {} +}) + +module.exports = function get (cache, key, opts) { + return getData(false, cache, key, opts) +} +module.exports.byDigest = function getByDigest (cache, digest, opts) { + return getData(true, cache, digest, opts) +} +function getData (byDigest, cache, key, opts) { + opts = GetOpts(opts) + const memoized = ( + byDigest + ? memo.get.byDigest(cache, key, opts) + : memo.get(cache, key, opts) + ) + if (memoized && opts.memoize !== false) { + return BB.resolve(byDigest ? memoized : { + metadata: memoized.entry.metadata, + data: memoized.data, + integrity: memoized.entry.integrity, + size: memoized.entry.size + }) + } + return ( + byDigest ? BB.resolve(null) : index.find(cache, key, opts) + ).then(entry => { + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + return read(cache, byDigest ? key : entry.integrity, { + integrity: opts.integrity, + size: opts.size + }).then(data => byDigest ? data : { + metadata: entry.metadata, + data: data, + size: entry.size, + integrity: entry.integrity + }).then(res => { + if (opts.memoize && byDigest) { + memo.put.byDigest(cache, key, res, opts) + } else if (opts.memoize) { + memo.put(cache, entry, res.data, opts) + } + return res + }) + }) +} + +module.exports.sync = function get (cache, key, opts) { + return getDataSync(false, cache, key, opts) +} +module.exports.sync.byDigest = function getByDigest (cache, digest, opts) { + return getDataSync(true, cache, digest, opts) +} +function getDataSync (byDigest, cache, key, opts) { + opts = GetOpts(opts) + const memoized = ( + byDigest + ? memo.get.byDigest(cache, key, opts) + : memo.get(cache, key, opts) + ) + if (memoized && opts.memoize !== false) { + return byDigest ? memoized : { + metadata: memoized.entry.metadata, + data: memoized.data, + integrity: memoized.entry.integrity, + size: memoized.entry.size + } + } + const entry = !byDigest && index.find.sync(cache, key, opts) + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + const data = read.sync( + cache, + byDigest ? key : entry.integrity, + { + integrity: opts.integrity, + size: opts.size + } + ) + const res = byDigest + ? data + : { + metadata: entry.metadata, + data: data, + size: entry.size, + integrity: entry.integrity + } + if (opts.memoize && byDigest) { + memo.put.byDigest(cache, key, res, opts) + } else if (opts.memoize) { + memo.put(cache, entry, res.data, opts) + } + return res +} + +module.exports.stream = getStream +function getStream (cache, key, opts) { + opts = GetOpts(opts) + let stream = through() + const memoized = memo.get(cache, key, opts) + if (memoized && opts.memoize !== false) { + stream.on('newListener', function (ev, cb) { + ev === 'metadata' && cb(memoized.entry.metadata) + ev === 'integrity' && cb(memoized.entry.integrity) + ev === 'size' && cb(memoized.entry.size) + }) + stream.write(memoized.data, () => stream.end()) + return stream + } + index.find(cache, key).then(entry => { + if (!entry) { + return stream.emit( + 'error', new index.NotFoundError(cache, key) + ) + } + let memoStream + if (opts.memoize) { + let memoData = [] + let memoLength = 0 + memoStream = through((c, en, cb) => { + memoData && memoData.push(c) + memoLength += c.length + cb(null, c, en) + }, cb => { + memoData && memo.put(cache, entry, Buffer.concat(memoData, memoLength), opts) + cb() + }) + } else { + memoStream = through() + } + stream.emit('metadata', entry.metadata) + stream.emit('integrity', entry.integrity) + stream.emit('size', entry.size) + stream.on('newListener', function (ev, cb) { + ev === 'metadata' && cb(entry.metadata) + ev === 'integrity' && cb(entry.integrity) + ev === 'size' && cb(entry.size) + }) + pipe( + read.readStream(cache, entry.integrity, opts.concat({ + size: opts.size == null ? entry.size : opts.size + })), + memoStream, + stream + ) + }).catch(err => stream.emit('error', err)) + return stream +} + +module.exports.stream.byDigest = getStreamDigest +function getStreamDigest (cache, integrity, opts) { + opts = GetOpts(opts) + const memoized = memo.get.byDigest(cache, integrity, opts) + if (memoized && opts.memoize !== false) { + const stream = through() + stream.write(memoized, () => stream.end()) + return stream + } else { + let stream = read.readStream(cache, integrity, opts) + if (opts.memoize) { + let memoData = [] + let memoLength = 0 + const memoStream = through((c, en, cb) => { + memoData && memoData.push(c) + memoLength += c.length + cb(null, c, en) + }, cb => { + memoData && memo.put.byDigest( + cache, + integrity, + Buffer.concat(memoData, memoLength), + opts + ) + cb() + }) + stream = pipeline(stream, memoStream) + } + return stream + } +} + +module.exports.info = info +function info (cache, key, opts) { + opts = GetOpts(opts) + const memoized = memo.get(cache, key, opts) + if (memoized && opts.memoize !== false) { + return BB.resolve(memoized.entry) + } else { + return index.find(cache, key) + } +} + +module.exports.hasContent = read.hasContent + +module.exports.copy = function cp (cache, key, dest, opts) { + return copy(false, cache, key, dest, opts) +} +module.exports.copy.byDigest = function cpDigest (cache, digest, dest, opts) { + return copy(true, cache, digest, dest, opts) +} +function copy (byDigest, cache, key, dest, opts) { + opts = GetOpts(opts) + if (read.copy) { + return ( + byDigest ? BB.resolve(null) : index.find(cache, key, opts) + ).then(entry => { + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + return read.copy( + cache, byDigest ? key : entry.integrity, dest, opts + ).then(() => byDigest ? key : { + metadata: entry.metadata, + size: entry.size, + integrity: entry.integrity + }) + }) + } else { + return getData(byDigest, cache, key, opts).then(res => { + return fs.writeFileAsync(dest, byDigest ? res : res.data) + .then(() => byDigest ? key : { + metadata: res.metadata, + size: res.size, + integrity: res.integrity + }) + }) + } +} diff --git a/node_modules/pacote/node_modules/cacache/index.js b/node_modules/pacote/node_modules/cacache/index.js new file mode 100644 index 0000000000000..a3db581c9f1fa --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/index.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./locales/en.js') diff --git a/node_modules/pacote/node_modules/cacache/lib/content/path.js b/node_modules/pacote/node_modules/cacache/lib/content/path.js new file mode 100644 index 0000000000000..c67c28061259f --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/content/path.js @@ -0,0 +1,26 @@ +'use strict' + +const contentVer = require('../../package.json')['cache-version'].content +const hashToSegments = require('../util/hash-to-segments') +const path = require('path') +const ssri = require('ssri') + +// Current format of content file path: +// +// sha512-BaSE64Hex= -> +// ~/.my-cache/content-v2/sha512/ba/da/55deadbeefc0ffee +// +module.exports = contentPath +function contentPath (cache, integrity) { + const sri = ssri.parse(integrity, { single: true }) + // contentPath is the *strongest* algo given + return path.join.apply(path, [ + contentDir(cache), + sri.algorithm + ].concat(hashToSegments(sri.hexDigest()))) +} + +module.exports._contentDir = contentDir +function contentDir (cache) { + return path.join(cache, `content-v${contentVer}`) +} diff --git a/node_modules/pacote/node_modules/cacache/lib/content/read.js b/node_modules/pacote/node_modules/cacache/lib/content/read.js new file mode 100644 index 0000000000000..7929524f82c3c --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/content/read.js @@ -0,0 +1,195 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./path') +const figgyPudding = require('figgy-pudding') +const fs = require('graceful-fs') +const PassThrough = require('stream').PassThrough +const pipe = BB.promisify(require('mississippi').pipe) +const ssri = require('ssri') +const Y = require('../util/y.js') + +const lstatAsync = BB.promisify(fs.lstat) +const readFileAsync = BB.promisify(fs.readFile) + +const ReadOpts = figgyPudding({ + size: {} +}) + +module.exports = read +function read (cache, integrity, opts) { + opts = ReadOpts(opts) + return withContentSri(cache, integrity, (cpath, sri) => { + return readFileAsync(cpath, null).then(data => { + if (typeof opts.size === 'number' && opts.size !== data.length) { + throw sizeError(opts.size, data.length) + } else if (ssri.checkData(data, sri)) { + return data + } else { + throw integrityError(sri, cpath) + } + }) + }) +} + +module.exports.sync = readSync +function readSync (cache, integrity, opts) { + opts = ReadOpts(opts) + return withContentSriSync(cache, integrity, (cpath, sri) => { + const data = fs.readFileSync(cpath) + if (typeof opts.size === 'number' && opts.size !== data.length) { + throw sizeError(opts.size, data.length) + } else if (ssri.checkData(data, sri)) { + return data + } else { + throw integrityError(sri, cpath) + } + }) +} + +module.exports.stream = readStream +module.exports.readStream = readStream +function readStream (cache, integrity, opts) { + opts = ReadOpts(opts) + const stream = new PassThrough() + withContentSri(cache, integrity, (cpath, sri) => { + return lstatAsync(cpath).then(stat => ({ cpath, sri, stat })) + }).then(({ cpath, sri, stat }) => { + return pipe( + fs.createReadStream(cpath), + ssri.integrityStream({ + integrity: sri, + size: opts.size + }), + stream + ) + }).catch(err => { + stream.emit('error', err) + }) + return stream +} + +let copyFileAsync +if (fs.copyFile) { + module.exports.copy = copy + module.exports.copy.sync = copySync + copyFileAsync = BB.promisify(fs.copyFile) +} + +function copy (cache, integrity, dest, opts) { + opts = ReadOpts(opts) + return withContentSri(cache, integrity, (cpath, sri) => { + return copyFileAsync(cpath, dest) + }) +} + +function copySync (cache, integrity, dest, opts) { + opts = ReadOpts(opts) + return withContentSriSync(cache, integrity, (cpath, sri) => { + return fs.copyFileSync(cpath, dest) + }) +} + +module.exports.hasContent = hasContent +function hasContent (cache, integrity) { + if (!integrity) { return BB.resolve(false) } + return withContentSri(cache, integrity, (cpath, sri) => { + return lstatAsync(cpath).then(stat => ({ size: stat.size, sri, stat })) + }).catch(err => { + if (err.code === 'ENOENT') { return false } + if (err.code === 'EPERM') { + if (process.platform !== 'win32') { + throw err + } else { + return false + } + } + }) +} + +module.exports.hasContent.sync = hasContentSync +function hasContentSync (cache, integrity) { + if (!integrity) { return false } + return withContentSriSync(cache, integrity, (cpath, sri) => { + try { + const stat = fs.lstatSync(cpath) + return { size: stat.size, sri, stat } + } catch (err) { + if (err.code === 'ENOENT') { return false } + if (err.code === 'EPERM') { + if (process.platform !== 'win32') { + throw err + } else { + return false + } + } + } + }) +} + +function withContentSri (cache, integrity, fn) { + return BB.try(() => { + const sri = ssri.parse(integrity) + // If `integrity` has multiple entries, pick the first digest + // with available local data. + const algo = sri.pickAlgorithm() + const digests = sri[algo] + if (digests.length <= 1) { + const cpath = contentPath(cache, digests[0]) + return fn(cpath, digests[0]) + } else { + return BB.any(sri[sri.pickAlgorithm()].map(meta => { + return withContentSri(cache, meta, fn) + }, { concurrency: 1 })) + .catch(err => { + if ([].some.call(err, e => e.code === 'ENOENT')) { + throw Object.assign( + new Error('No matching content found for ' + sri.toString()), + { code: 'ENOENT' } + ) + } else { + throw err[0] + } + }) + } + }) +} + +function withContentSriSync (cache, integrity, fn) { + const sri = ssri.parse(integrity) + // If `integrity` has multiple entries, pick the first digest + // with available local data. + const algo = sri.pickAlgorithm() + const digests = sri[algo] + if (digests.length <= 1) { + const cpath = contentPath(cache, digests[0]) + return fn(cpath, digests[0]) + } else { + let lastErr = null + for (const meta of sri[sri.pickAlgorithm()]) { + try { + return withContentSriSync(cache, meta, fn) + } catch (err) { + lastErr = err + } + } + if (lastErr) { throw lastErr } + } +} + +function sizeError (expected, found) { + var err = new Error(Y`Bad data size: expected inserted data to be ${expected} bytes, but got ${found} instead`) + err.expected = expected + err.found = found + err.code = 'EBADSIZE' + return err +} + +function integrityError (sri, path) { + var err = new Error(Y`Integrity verification failed for ${sri} (${path})`) + err.code = 'EINTEGRITY' + err.sri = sri + err.path = path + return err +} diff --git a/node_modules/pacote/node_modules/cacache/lib/content/rm.js b/node_modules/pacote/node_modules/cacache/lib/content/rm.js new file mode 100644 index 0000000000000..12cf1582358dd --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/content/rm.js @@ -0,0 +1,21 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./path') +const hasContent = require('./read').hasContent +const rimraf = BB.promisify(require('rimraf')) + +module.exports = rm +function rm (cache, integrity) { + return hasContent(cache, integrity).then(content => { + if (content) { + const sri = content.sri + if (sri) { + return rimraf(contentPath(cache, sri)).then(() => true) + } + } else { + return false + } + }) +} diff --git a/node_modules/pacote/node_modules/cacache/lib/content/write.js b/node_modules/pacote/node_modules/cacache/lib/content/write.js new file mode 100644 index 0000000000000..4d96a3cffe1f1 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/content/write.js @@ -0,0 +1,164 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./path') +const fixOwner = require('../util/fix-owner') +const fs = require('graceful-fs') +const moveFile = require('../util/move-file') +const PassThrough = require('stream').PassThrough +const path = require('path') +const pipe = BB.promisify(require('mississippi').pipe) +const rimraf = BB.promisify(require('rimraf')) +const ssri = require('ssri') +const to = require('mississippi').to +const uniqueFilename = require('unique-filename') +const Y = require('../util/y.js') + +const writeFileAsync = BB.promisify(fs.writeFile) + +module.exports = write +function write (cache, data, opts) { + opts = opts || {} + if (opts.algorithms && opts.algorithms.length > 1) { + throw new Error( + Y`opts.algorithms only supports a single algorithm for now` + ) + } + if (typeof opts.size === 'number' && data.length !== opts.size) { + return BB.reject(sizeError(opts.size, data.length)) + } + const sri = ssri.fromData(data, { + algorithms: opts.algorithms + }) + if (opts.integrity && !ssri.checkData(data, opts.integrity, opts)) { + return BB.reject(checksumError(opts.integrity, sri)) + } + return BB.using(makeTmp(cache, opts), tmp => ( + writeFileAsync( + tmp.target, data, { flag: 'wx' } + ).then(() => ( + moveToDestination(tmp, cache, sri, opts) + )) + )).then(() => ({ integrity: sri, size: data.length })) +} + +module.exports.stream = writeStream +function writeStream (cache, opts) { + opts = opts || {} + const inputStream = new PassThrough() + let inputErr = false + function errCheck () { + if (inputErr) { throw inputErr } + } + + let allDone + const ret = to((c, n, cb) => { + if (!allDone) { + allDone = handleContent(inputStream, cache, opts, errCheck) + } + inputStream.write(c, n, cb) + }, cb => { + inputStream.end(() => { + if (!allDone) { + const e = new Error(Y`Cache input stream was empty`) + e.code = 'ENODATA' + return ret.emit('error', e) + } + allDone.then(res => { + res.integrity && ret.emit('integrity', res.integrity) + res.size !== null && ret.emit('size', res.size) + cb() + }, e => { + ret.emit('error', e) + }) + }) + }) + ret.once('error', e => { + inputErr = e + }) + return ret +} + +function handleContent (inputStream, cache, opts, errCheck) { + return BB.using(makeTmp(cache, opts), tmp => { + errCheck() + return pipeToTmp( + inputStream, cache, tmp.target, opts, errCheck + ).then(res => { + return moveToDestination( + tmp, cache, res.integrity, opts, errCheck + ).then(() => res) + }) + }) +} + +function pipeToTmp (inputStream, cache, tmpTarget, opts, errCheck) { + return BB.resolve().then(() => { + let integrity + let size + const hashStream = ssri.integrityStream({ + integrity: opts.integrity, + algorithms: opts.algorithms, + size: opts.size + }).on('integrity', s => { + integrity = s + }).on('size', s => { + size = s + }) + const outStream = fs.createWriteStream(tmpTarget, { + flags: 'wx' + }) + errCheck() + return pipe(inputStream, hashStream, outStream).then(() => { + return { integrity, size } + }).catch(err => { + return rimraf(tmpTarget).then(() => { throw err }) + }) + }) +} + +function makeTmp (cache, opts) { + const tmpTarget = uniqueFilename(path.join(cache, 'tmp'), opts.tmpPrefix) + return fixOwner.mkdirfix( + cache, path.dirname(tmpTarget) + ).then(() => ({ + target: tmpTarget, + moved: false + })).disposer(tmp => (!tmp.moved && rimraf(tmp.target))) +} + +function moveToDestination (tmp, cache, sri, opts, errCheck) { + errCheck && errCheck() + const destination = contentPath(cache, sri) + const destDir = path.dirname(destination) + + return fixOwner.mkdirfix( + cache, destDir + ).then(() => { + errCheck && errCheck() + return moveFile(tmp.target, destination) + }).then(() => { + errCheck && errCheck() + tmp.moved = true + return fixOwner.chownr(cache, destination) + }) +} + +function sizeError (expected, found) { + var err = new Error(Y`Bad data size: expected inserted data to be ${expected} bytes, but got ${found} instead`) + err.expected = expected + err.found = found + err.code = 'EBADSIZE' + return err +} + +function checksumError (expected, found) { + var err = new Error(Y`Integrity check failed: + Wanted: ${expected} + Found: ${found}`) + err.code = 'EINTEGRITY' + err.expected = expected + err.found = found + return err +} diff --git a/node_modules/pacote/node_modules/cacache/lib/entry-index.js b/node_modules/pacote/node_modules/cacache/lib/entry-index.js new file mode 100644 index 0000000000000..dee1824b1d091 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/entry-index.js @@ -0,0 +1,288 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./content/path') +const crypto = require('crypto') +const figgyPudding = require('figgy-pudding') +const fixOwner = require('./util/fix-owner') +const fs = require('graceful-fs') +const hashToSegments = require('./util/hash-to-segments') +const ms = require('mississippi') +const path = require('path') +const ssri = require('ssri') +const Y = require('./util/y.js') + +const indexV = require('../package.json')['cache-version'].index + +const appendFileAsync = BB.promisify(fs.appendFile) +const readFileAsync = BB.promisify(fs.readFile) +const readdirAsync = BB.promisify(fs.readdir) +const concat = ms.concat +const from = ms.from + +module.exports.NotFoundError = class NotFoundError extends Error { + constructor (cache, key) { + super(Y`No cache entry for \`${key}\` found in \`${cache}\``) + this.code = 'ENOENT' + this.cache = cache + this.key = key + } +} + +const IndexOpts = figgyPudding({ + metadata: {}, + size: {} +}) + +module.exports.insert = insert +function insert (cache, key, integrity, opts) { + opts = IndexOpts(opts) + const bucket = bucketPath(cache, key) + const entry = { + key, + integrity: integrity && ssri.stringify(integrity), + time: Date.now(), + size: opts.size, + metadata: opts.metadata + } + return fixOwner.mkdirfix( + cache, path.dirname(bucket) + ).then(() => { + const stringified = JSON.stringify(entry) + // NOTE - Cleverness ahoy! + // + // This works because it's tremendously unlikely for an entry to corrupt + // another while still preserving the string length of the JSON in + // question. So, we just slap the length in there and verify it on read. + // + // Thanks to @isaacs for the whiteboarding session that ended up with this. + return appendFileAsync( + bucket, `\n${hashEntry(stringified)}\t${stringified}` + ) + }).then( + () => fixOwner.chownr(cache, bucket) + ).catch({ code: 'ENOENT' }, () => { + // There's a class of race conditions that happen when things get deleted + // during fixOwner, or between the two mkdirfix/chownr calls. + // + // It's perfectly fine to just not bother in those cases and lie + // that the index entry was written. Because it's a cache. + }).then(() => { + return formatEntry(cache, entry) + }) +} + +module.exports.insert.sync = insertSync +function insertSync (cache, key, integrity, opts) { + opts = IndexOpts(opts) + const bucket = bucketPath(cache, key) + const entry = { + key, + integrity: integrity && ssri.stringify(integrity), + time: Date.now(), + size: opts.size, + metadata: opts.metadata + } + fixOwner.mkdirfix.sync(cache, path.dirname(bucket)) + const stringified = JSON.stringify(entry) + fs.appendFileSync( + bucket, `\n${hashEntry(stringified)}\t${stringified}` + ) + try { + fixOwner.chownr.sync(cache, bucket) + } catch (err) { + if (err.code !== 'ENOENT') { + throw err + } + } + return formatEntry(cache, entry) +} + +module.exports.find = find +function find (cache, key) { + const bucket = bucketPath(cache, key) + return bucketEntries(bucket).then(entries => { + return entries.reduce((latest, next) => { + if (next && next.key === key) { + return formatEntry(cache, next) + } else { + return latest + } + }, null) + }).catch(err => { + if (err.code === 'ENOENT') { + return null + } else { + throw err + } + }) +} + +module.exports.find.sync = findSync +function findSync (cache, key) { + const bucket = bucketPath(cache, key) + try { + return bucketEntriesSync(bucket).reduce((latest, next) => { + if (next && next.key === key) { + return formatEntry(cache, next) + } else { + return latest + } + }, null) + } catch (err) { + if (err.code === 'ENOENT') { + return null + } else { + throw err + } + } +} + +module.exports.delete = del +function del (cache, key, opts) { + return insert(cache, key, null, opts) +} + +module.exports.delete.sync = delSync +function delSync (cache, key, opts) { + return insertSync(cache, key, null, opts) +} + +module.exports.lsStream = lsStream +function lsStream (cache) { + const indexDir = bucketDir(cache) + const stream = from.obj() + + // "/cachename/*" + readdirOrEmpty(indexDir).map(bucket => { + const bucketPath = path.join(indexDir, bucket) + + // "/cachename//*" + return readdirOrEmpty(bucketPath).map(subbucket => { + const subbucketPath = path.join(bucketPath, subbucket) + + // "/cachename///*" + return readdirOrEmpty(subbucketPath).map(entry => { + const getKeyToEntry = bucketEntries( + path.join(subbucketPath, entry) + ).reduce((acc, entry) => { + acc.set(entry.key, entry) + return acc + }, new Map()) + + return getKeyToEntry.then(reduced => { + for (let entry of reduced.values()) { + const formatted = formatEntry(cache, entry) + formatted && stream.push(formatted) + } + }).catch({ code: 'ENOENT' }, nop) + }) + }) + }).then(() => { + stream.push(null) + }, err => { + stream.emit('error', err) + }) + + return stream +} + +module.exports.ls = ls +function ls (cache) { + return BB.fromNode(cb => { + lsStream(cache).on('error', cb).pipe(concat(entries => { + cb(null, entries.reduce((acc, xs) => { + acc[xs.key] = xs + return acc + }, {})) + })) + }) +} + +function bucketEntries (bucket, filter) { + return readFileAsync( + bucket, 'utf8' + ).then(data => _bucketEntries(data, filter)) +} + +function bucketEntriesSync (bucket, filter) { + const data = fs.readFileSync(bucket, 'utf8') + return _bucketEntries(data, filter) +} + +function _bucketEntries (data, filter) { + let entries = [] + data.split('\n').forEach(entry => { + if (!entry) { return } + const pieces = entry.split('\t') + if (!pieces[1] || hashEntry(pieces[1]) !== pieces[0]) { + // Hash is no good! Corruption or malice? Doesn't matter! + // EJECT EJECT + return + } + let obj + try { + obj = JSON.parse(pieces[1]) + } catch (e) { + // Entry is corrupted! + return + } + if (obj) { + entries.push(obj) + } + }) + return entries +} + +module.exports._bucketDir = bucketDir +function bucketDir (cache) { + return path.join(cache, `index-v${indexV}`) +} + +module.exports._bucketPath = bucketPath +function bucketPath (cache, key) { + const hashed = hashKey(key) + return path.join.apply(path, [bucketDir(cache)].concat( + hashToSegments(hashed) + )) +} + +module.exports._hashKey = hashKey +function hashKey (key) { + return hash(key, 'sha256') +} + +module.exports._hashEntry = hashEntry +function hashEntry (str) { + return hash(str, 'sha1') +} + +function hash (str, digest) { + return crypto + .createHash(digest) + .update(str) + .digest('hex') +} + +function formatEntry (cache, entry) { + // Treat null digests as deletions. They'll shadow any previous entries. + if (!entry.integrity) { return null } + return { + key: entry.key, + integrity: entry.integrity, + path: contentPath(cache, entry.integrity), + size: entry.size, + time: entry.time, + metadata: entry.metadata + } +} + +function readdirOrEmpty (dir) { + return readdirAsync(dir) + .catch({ code: 'ENOENT' }, () => []) + .catch({ code: 'ENOTDIR' }, () => []) +} + +function nop () { +} diff --git a/node_modules/pacote/node_modules/cacache/lib/memoization.js b/node_modules/pacote/node_modules/cacache/lib/memoization.js new file mode 100644 index 0000000000000..92179c7ac6afc --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/memoization.js @@ -0,0 +1,69 @@ +'use strict' + +const LRU = require('lru-cache') + +const MAX_SIZE = 50 * 1024 * 1024 // 50MB +const MAX_AGE = 3 * 60 * 1000 + +let MEMOIZED = new LRU({ + max: MAX_SIZE, + maxAge: MAX_AGE, + length: (entry, key) => { + if (key.startsWith('key:')) { + return entry.data.length + } else if (key.startsWith('digest:')) { + return entry.length + } + } +}) + +module.exports.clearMemoized = clearMemoized +function clearMemoized () { + const old = {} + MEMOIZED.forEach((v, k) => { + old[k] = v + }) + MEMOIZED.reset() + return old +} + +module.exports.put = put +function put (cache, entry, data, opts) { + pickMem(opts).set(`key:${cache}:${entry.key}`, { entry, data }) + putDigest(cache, entry.integrity, data, opts) +} + +module.exports.put.byDigest = putDigest +function putDigest (cache, integrity, data, opts) { + pickMem(opts).set(`digest:${cache}:${integrity}`, data) +} + +module.exports.get = get +function get (cache, key, opts) { + return pickMem(opts).get(`key:${cache}:${key}`) +} + +module.exports.get.byDigest = getDigest +function getDigest (cache, integrity, opts) { + return pickMem(opts).get(`digest:${cache}:${integrity}`) +} + +class ObjProxy { + constructor (obj) { + this.obj = obj + } + get (key) { return this.obj[key] } + set (key, val) { this.obj[key] = val } +} + +function pickMem (opts) { + if (!opts || !opts.memoize) { + return MEMOIZED + } else if (opts.memoize.get && opts.memoize.set) { + return opts.memoize + } else if (typeof opts.memoize === 'object') { + return new ObjProxy(opts.memoize) + } else { + return MEMOIZED + } +} diff --git a/node_modules/pacote/node_modules/cacache/lib/util/fix-owner.js b/node_modules/pacote/node_modules/cacache/lib/util/fix-owner.js new file mode 100644 index 0000000000000..7eb9befe599b7 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/util/fix-owner.js @@ -0,0 +1,122 @@ +'use strict' + +const BB = require('bluebird') + +const chownr = BB.promisify(require('chownr')) +const mkdirp = BB.promisify(require('mkdirp')) +const inflight = require('promise-inflight') +const inferOwner = require('./infer-owner.js') + +// Memoize getuid()/getgid() calls. +// patch process.setuid/setgid to invalidate cached value on change +const self = { uid: null, gid: null } +const getSelf = () => { + if (typeof self.uid !== 'number') { + self.uid = process.getuid() + const setuid = process.setuid + process.setuid = (uid) => { + self.uid = null + process.setuid = setuid + return process.setuid(uid) + } + } + if (typeof self.gid !== 'number') { + self.gid = process.getgid() + const setgid = process.setgid + process.setgid = (gid) => { + self.gid = null + process.setgid = setgid + return process.setgid(gid) + } + } +} + +module.exports.chownr = fixOwner +function fixOwner (cache, filepath) { + if (!process.getuid) { + // This platform doesn't need ownership fixing + return BB.resolve() + } + return inferOwner(cache).then(owner => { + const { uid, gid } = owner + getSelf() + + // No need to override if it's already what we used. + if (self.uid === uid && self.gid === gid) { + return + } + + return inflight( + 'fixOwner: fixing ownership on ' + filepath, + () => chownr( + filepath, + typeof uid === 'number' ? uid : self.uid, + typeof gid === 'number' ? gid : self.gid + ).catch({ code: 'ENOENT' }, () => null) + ) + }) +} + +module.exports.chownr.sync = fixOwnerSync +function fixOwnerSync (cache, filepath) { + if (!process.getuid) { + // This platform doesn't need ownership fixing + return + } + const { uid, gid } = inferOwner.sync(cache) + getSelf() + if (self.uid === uid && self.gid === gid) { + // No need to override if it's already what we used. + return + } + try { + chownr.sync( + filepath, + typeof uid === 'number' ? uid : self.uid, + typeof gid === 'number' ? gid : self.gid + ) + } catch (err) { + // only catch ENOENT, any other error is a problem. + if (err.code === 'ENOENT') { + return null + } + throw err + } +} + +module.exports.mkdirfix = mkdirfix +function mkdirfix (cache, p, cb) { + // we have to infer the owner _before_ making the directory, even though + // we aren't going to use the results, since the cache itself might not + // exist yet. If we mkdirp it, then our current uid/gid will be assumed + // to be correct if it creates the cache folder in the process. + return inferOwner(cache).then(() => { + return mkdirp(p).then(made => { + if (made) { + return fixOwner(cache, made).then(() => made) + } + }).catch({ code: 'EEXIST' }, () => { + // There's a race in mkdirp! + return fixOwner(cache, p).then(() => null) + }) + }) +} + +module.exports.mkdirfix.sync = mkdirfixSync +function mkdirfixSync (cache, p) { + try { + inferOwner.sync(cache) + const made = mkdirp.sync(p) + if (made) { + fixOwnerSync(cache, made) + return made + } + } catch (err) { + if (err.code === 'EEXIST') { + fixOwnerSync(cache, p) + return null + } else { + throw err + } + } +} diff --git a/node_modules/pacote/node_modules/cacache/lib/util/hash-to-segments.js b/node_modules/pacote/node_modules/cacache/lib/util/hash-to-segments.js new file mode 100644 index 0000000000000..192be2a6d650a --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/util/hash-to-segments.js @@ -0,0 +1,11 @@ +'use strict' + +module.exports = hashToSegments + +function hashToSegments (hash) { + return [ + hash.slice(0, 2), + hash.slice(2, 4), + hash.slice(4) + ] +} diff --git a/node_modules/pacote/node_modules/cacache/lib/util/infer-owner.js b/node_modules/pacote/node_modules/cacache/lib/util/infer-owner.js new file mode 100644 index 0000000000000..17e423d57f369 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/util/infer-owner.js @@ -0,0 +1,80 @@ +'use strict' + +// This is only called by lib/util/fix-owner.js +// +// Get the uid/gid from the cache folder itself, not from +// settings being passed in. Too flaky otherwise, because the +// opts baton has to be passed properrly through half a dozen +// different modules. +// +// This module keeps a Map of cache=>{uid,gid}. If not in the map, +// then stat the folder, then the parent, ..., until it finds a folder +// that exists, and use that folder's uid and gid as the owner. +// +// If we don't have getuid/getgid, then this never gets called. + +const BB = require('bluebird') +const fs = require('fs') +const lstat = BB.promisify(fs.lstat) +const lstatSync = fs.lstatSync +const { dirname } = require('path') +const inflight = require('promise-inflight') + +const cacheToOwner = new Map() + +const inferOwner = cache => { + if (cacheToOwner.has(cache)) { + // already inferred it + return BB.resolve(cacheToOwner.get(cache)) + } + + const statThen = st => { + const { uid, gid } = st + cacheToOwner.set(cache, { uid, gid }) + return { uid, gid } + } + // check the parent if the cache itself fails + // likely it does not exist yet. + const parent = dirname(cache) + const parentTrap = parent === cache ? null : er => { + return inferOwner(parent).then((owner) => { + cacheToOwner.set(cache, owner) + return owner + }) + } + return lstat(cache).then(statThen, parentTrap) +} + +const inferOwnerSync = cache => { + if (cacheToOwner.has(cache)) { + // already inferred it + return cacheToOwner.get(cache) + } + + // the parent we'll check if it doesn't exist yet + const parent = dirname(cache) + // avoid obscuring call site by re-throwing + // "catch" the error by returning from a finally, + // only if we're not at the root, and the parent call works. + let threw = true + try { + const st = lstatSync(cache) + threw = false + const { uid, gid } = st + cacheToOwner.set(cache, { uid, gid }) + return { uid, gid } + } finally { + if (threw && parent !== cache) { + const owner = inferOwnerSync(parent) + cacheToOwner.set(cache, owner) + return owner // eslint-disable-line no-unsafe-finally + } + } +} + +module.exports = cache => inflight( + 'inferOwner: detecting ownership of ' + cache, + () => inferOwner(cache) +) + +module.exports.sync = inferOwnerSync diff --git a/node_modules/pacote/node_modules/cacache/lib/util/move-file.js b/node_modules/pacote/node_modules/cacache/lib/util/move-file.js new file mode 100644 index 0000000000000..b43744b3da867 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/util/move-file.js @@ -0,0 +1,51 @@ +'use strict' + +const fs = require('graceful-fs') +const BB = require('bluebird') +const chmod = BB.promisify(fs.chmod) +const unlink = BB.promisify(fs.unlink) +let move +let pinflight + +module.exports = moveFile +function moveFile (src, dest) { + // This isn't quite an fs.rename -- the assumption is that + // if `dest` already exists, and we get certain errors while + // trying to move it, we should just not bother. + // + // In the case of cache corruption, users will receive an + // EINTEGRITY error elsewhere, and can remove the offending + // content their own way. + // + // Note that, as the name suggests, this strictly only supports file moves. + return BB.fromNode(cb => { + fs.link(src, dest, err => { + if (err) { + if (err.code === 'EEXIST' || err.code === 'EBUSY') { + // file already exists, so whatever + } else if (err.code === 'EPERM' && process.platform === 'win32') { + // file handle stayed open even past graceful-fs limits + } else { + return cb(err) + } + } + return cb() + }) + }).then(() => { + // content should never change for any reason, so make it read-only + return BB.join(unlink(src), process.platform !== 'win32' && chmod(dest, '0444')) + }).catch(() => { + if (!pinflight) { pinflight = require('promise-inflight') } + return pinflight('cacache-move-file:' + dest, () => { + return BB.promisify(fs.stat)(dest).catch(err => { + if (err.code !== 'ENOENT') { + // Something else is wrong here. Bail bail bail + throw err + } + // file doesn't already exist! let's try a rename -> copy fallback + if (!move) { move = require('move-concurrently') } + return move(src, dest, { BB, fs }) + }) + }) + }) +} diff --git a/node_modules/pacote/node_modules/cacache/lib/util/tmp.js b/node_modules/pacote/node_modules/cacache/lib/util/tmp.js new file mode 100644 index 0000000000000..78494b8eae712 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/util/tmp.js @@ -0,0 +1,37 @@ +'use strict' + +const BB = require('bluebird') + +const figgyPudding = require('figgy-pudding') +const fixOwner = require('./fix-owner') +const path = require('path') +const rimraf = BB.promisify(require('rimraf')) +const uniqueFilename = require('unique-filename') + +const TmpOpts = figgyPudding({ + tmpPrefix: {} +}) + +module.exports.mkdir = mktmpdir +function mktmpdir (cache, opts) { + opts = TmpOpts(opts) + const tmpTarget = uniqueFilename(path.join(cache, 'tmp'), opts.tmpPrefix) + return fixOwner.mkdirfix(cache, tmpTarget).then(() => { + return tmpTarget + }) +} + +module.exports.withTmp = withTmp +function withTmp (cache, opts, cb) { + if (!cb) { + cb = opts + opts = null + } + opts = TmpOpts(opts) + return BB.using(mktmpdir(cache, opts).disposer(rimraf), cb) +} + +module.exports.fix = fixtmpdir +function fixtmpdir (cache) { + return fixOwner(cache, path.join(cache, 'tmp')) +} diff --git a/node_modules/pacote/node_modules/cacache/lib/util/y.js b/node_modules/pacote/node_modules/cacache/lib/util/y.js new file mode 100644 index 0000000000000..d62bedacb32a2 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/util/y.js @@ -0,0 +1,25 @@ +'use strict' + +const path = require('path') +const y18n = require('y18n')({ + directory: path.join(__dirname, '../../locales'), + locale: 'en', + updateFiles: process.env.CACACHE_UPDATE_LOCALE_FILES === 'true' +}) + +module.exports = yTag +function yTag (parts) { + let str = '' + parts.forEach((part, i) => { + const arg = arguments[i + 1] + str += part + if (arg) { + str += '%s' + } + }) + return y18n.__.apply(null, [str].concat([].slice.call(arguments, 1))) +} + +module.exports.setLocale = locale => { + y18n.setLocale(locale) +} diff --git a/node_modules/pacote/node_modules/cacache/lib/verify.js b/node_modules/pacote/node_modules/cacache/lib/verify.js new file mode 100644 index 0000000000000..617d38db12c33 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/lib/verify.js @@ -0,0 +1,227 @@ +'use strict' + +const BB = require('bluebird') + +const contentPath = require('./content/path') +const figgyPudding = require('figgy-pudding') +const finished = BB.promisify(require('mississippi').finished) +const fixOwner = require('./util/fix-owner') +const fs = require('graceful-fs') +const glob = BB.promisify(require('glob')) +const index = require('./entry-index') +const path = require('path') +const rimraf = BB.promisify(require('rimraf')) +const ssri = require('ssri') + +BB.promisifyAll(fs) + +const VerifyOpts = figgyPudding({ + concurrency: { + default: 20 + }, + filter: {}, + log: { + default: { silly () {} } + } +}) + +module.exports = verify +function verify (cache, opts) { + opts = VerifyOpts(opts) + opts.log.silly('verify', 'verifying cache at', cache) + return BB.reduce([ + markStartTime, + fixPerms, + garbageCollect, + rebuildIndex, + cleanTmp, + writeVerifile, + markEndTime + ], (stats, step, i) => { + const label = step.name || `step #${i}` + const start = new Date() + return BB.resolve(step(cache, opts)).then(s => { + s && Object.keys(s).forEach(k => { + stats[k] = s[k] + }) + const end = new Date() + if (!stats.runTime) { stats.runTime = {} } + stats.runTime[label] = end - start + return stats + }) + }, {}).tap(stats => { + stats.runTime.total = stats.endTime - stats.startTime + opts.log.silly('verify', 'verification finished for', cache, 'in', `${stats.runTime.total}ms`) + }) +} + +function markStartTime (cache, opts) { + return { startTime: new Date() } +} + +function markEndTime (cache, opts) { + return { endTime: new Date() } +} + +function fixPerms (cache, opts) { + opts.log.silly('verify', 'fixing cache permissions') + return fixOwner.mkdirfix(cache, cache).then(() => { + // TODO - fix file permissions too + return fixOwner.chownr(cache, cache) + }).then(() => null) +} + +// Implements a naive mark-and-sweep tracing garbage collector. +// +// The algorithm is basically as follows: +// 1. Read (and filter) all index entries ("pointers") +// 2. Mark each integrity value as "live" +// 3. Read entire filesystem tree in `content-vX/` dir +// 4. If content is live, verify its checksum and delete it if it fails +// 5. If content is not marked as live, rimraf it. +// +function garbageCollect (cache, opts) { + opts.log.silly('verify', 'garbage collecting content') + const indexStream = index.lsStream(cache) + const liveContent = new Set() + indexStream.on('data', entry => { + if (opts.filter && !opts.filter(entry)) { return } + liveContent.add(entry.integrity.toString()) + }) + return finished(indexStream).then(() => { + const contentDir = contentPath._contentDir(cache) + return glob(path.join(contentDir, '**'), { + follow: false, + nodir: true, + nosort: true + }).then(files => { + return BB.resolve({ + verifiedContent: 0, + reclaimedCount: 0, + reclaimedSize: 0, + badContentCount: 0, + keptSize: 0 + }).tap((stats) => BB.map(files, (f) => { + const split = f.split(/[/\\]/) + const digest = split.slice(split.length - 3).join('') + const algo = split[split.length - 4] + const integrity = ssri.fromHex(digest, algo) + if (liveContent.has(integrity.toString())) { + return verifyContent(f, integrity).then(info => { + if (!info.valid) { + stats.reclaimedCount++ + stats.badContentCount++ + stats.reclaimedSize += info.size + } else { + stats.verifiedContent++ + stats.keptSize += info.size + } + return stats + }) + } else { + // No entries refer to this content. We can delete. + stats.reclaimedCount++ + return fs.statAsync(f).then(s => { + return rimraf(f).then(() => { + stats.reclaimedSize += s.size + return stats + }) + }) + } + }, { concurrency: opts.concurrency })) + }) + }) +} + +function verifyContent (filepath, sri) { + return fs.statAsync(filepath).then(stat => { + const contentInfo = { + size: stat.size, + valid: true + } + return ssri.checkStream( + fs.createReadStream(filepath), + sri + ).catch(err => { + if (err.code !== 'EINTEGRITY') { throw err } + return rimraf(filepath).then(() => { + contentInfo.valid = false + }) + }).then(() => contentInfo) + }).catch({ code: 'ENOENT' }, () => ({ size: 0, valid: false })) +} + +function rebuildIndex (cache, opts) { + opts.log.silly('verify', 'rebuilding index') + return index.ls(cache).then(entries => { + const stats = { + missingContent: 0, + rejectedEntries: 0, + totalEntries: 0 + } + const buckets = {} + for (let k in entries) { + if (entries.hasOwnProperty(k)) { + const hashed = index._hashKey(k) + const entry = entries[k] + const excluded = opts.filter && !opts.filter(entry) + excluded && stats.rejectedEntries++ + if (buckets[hashed] && !excluded) { + buckets[hashed].push(entry) + } else if (buckets[hashed] && excluded) { + // skip + } else if (excluded) { + buckets[hashed] = [] + buckets[hashed]._path = index._bucketPath(cache, k) + } else { + buckets[hashed] = [entry] + buckets[hashed]._path = index._bucketPath(cache, k) + } + } + } + return BB.map(Object.keys(buckets), key => { + return rebuildBucket(cache, buckets[key], stats, opts) + }, { concurrency: opts.concurrency }).then(() => stats) + }) +} + +function rebuildBucket (cache, bucket, stats, opts) { + return fs.truncateAsync(bucket._path).then(() => { + // This needs to be serialized because cacache explicitly + // lets very racy bucket conflicts clobber each other. + return BB.mapSeries(bucket, entry => { + const content = contentPath(cache, entry.integrity) + return fs.statAsync(content).then(() => { + return index.insert(cache, entry.key, entry.integrity, { + metadata: entry.metadata, + size: entry.size + }).then(() => { stats.totalEntries++ }) + }).catch({ code: 'ENOENT' }, () => { + stats.rejectedEntries++ + stats.missingContent++ + }) + }) + }) +} + +function cleanTmp (cache, opts) { + opts.log.silly('verify', 'cleaning tmp directory') + return rimraf(path.join(cache, 'tmp')) +} + +function writeVerifile (cache, opts) { + const verifile = path.join(cache, '_lastverified') + opts.log.silly('verify', 'writing verifile to ' + verifile) + try { + return fs.writeFileAsync(verifile, '' + (+(new Date()))) + } finally { + fixOwner.chownr.sync(cache, verifile) + } +} + +module.exports.lastRun = lastRun +function lastRun (cache) { + return fs.readFileAsync( + path.join(cache, '_lastverified'), 'utf8' + ).then(data => new Date(+data)) +} diff --git a/node_modules/pacote/node_modules/cacache/locales/en.js b/node_modules/pacote/node_modules/cacache/locales/en.js new file mode 100644 index 0000000000000..1715fdb53cd3f --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/locales/en.js @@ -0,0 +1,47 @@ +'use strict' + +const ls = require('../ls.js') +const get = require('../get.js') +const put = require('../put.js') +const rm = require('../rm.js') +const verify = require('../verify.js') +const setLocale = require('../lib/util/y.js').setLocale +const clearMemoized = require('../lib/memoization.js').clearMemoized +const tmp = require('../lib/util/tmp.js') + +setLocale('en') + +const x = module.exports + +x.ls = cache => ls(cache) +x.ls.stream = cache => ls.stream(cache) + +x.get = (cache, key, opts) => get(cache, key, opts) +x.get.byDigest = (cache, hash, opts) => get.byDigest(cache, hash, opts) +x.get.sync = (cache, key, opts) => get.sync(cache, key, opts) +x.get.sync.byDigest = (cache, key, opts) => get.sync.byDigest(cache, key, opts) +x.get.stream = (cache, key, opts) => get.stream(cache, key, opts) +x.get.stream.byDigest = (cache, hash, opts) => get.stream.byDigest(cache, hash, opts) +x.get.copy = (cache, key, dest, opts) => get.copy(cache, key, dest, opts) +x.get.copy.byDigest = (cache, hash, dest, opts) => get.copy.byDigest(cache, hash, dest, opts) +x.get.info = (cache, key) => get.info(cache, key) +x.get.hasContent = (cache, hash) => get.hasContent(cache, hash) +x.get.hasContent.sync = (cache, hash) => get.hasContent.sync(cache, hash) + +x.put = (cache, key, data, opts) => put(cache, key, data, opts) +x.put.stream = (cache, key, opts) => put.stream(cache, key, opts) + +x.rm = (cache, key) => rm.entry(cache, key) +x.rm.all = cache => rm.all(cache) +x.rm.entry = x.rm +x.rm.content = (cache, hash) => rm.content(cache, hash) + +x.setLocale = lang => setLocale(lang) +x.clearMemoized = () => clearMemoized() + +x.tmp = {} +x.tmp.mkdir = (cache, opts) => tmp.mkdir(cache, opts) +x.tmp.withTmp = (cache, opts, cb) => tmp.withTmp(cache, opts, cb) + +x.verify = (cache, opts) => verify(cache, opts) +x.verify.lastRun = cache => verify.lastRun(cache) diff --git a/node_modules/pacote/node_modules/cacache/locales/en.json b/node_modules/pacote/node_modules/cacache/locales/en.json new file mode 100644 index 0000000000000..4f145288408ec --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/locales/en.json @@ -0,0 +1,7 @@ +{ + "No cache entry for `%s` found in `%s`": "No cache entry for %s found in %s", + "Integrity verification failed for %s (%s)": "Integrity verification failed for %s (%s)", + "Bad data size: expected inserted data to be %s bytes, but got %s instead": "Bad data size: expected inserted data to be %s bytes, but got %s instead", + "Cache input stream was empty": "Cache input stream was empty", + "Integrity check failed:\n Wanted: %s\n Found: %s": "Integrity check failed:\n Wanted: %s\n Found: %s" +} \ No newline at end of file diff --git a/node_modules/pacote/node_modules/cacache/locales/es.js b/node_modules/pacote/node_modules/cacache/locales/es.js new file mode 100644 index 0000000000000..ac4e4cfe7d2f4 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/locales/es.js @@ -0,0 +1,49 @@ +'use strict' + +const ls = require('../ls.js') +const get = require('../get.js') +const put = require('../put.js') +const rm = require('../rm.js') +const verify = require('../verify.js') +const setLocale = require('../lib/util/y.js').setLocale +const clearMemoized = require('../lib/memoization.js').clearMemoized +const tmp = require('../lib/util/tmp.js') + +setLocale('es') + +const x = module.exports + +x.ls = cache => ls(cache) +x.ls.flujo = cache => ls.stream(cache) + +x.saca = (cache, clave, ops) => get(cache, clave, ops) +x.saca.porHacheo = (cache, hacheo, ops) => get.byDigest(cache, hacheo, ops) +x.saca.sinc = (cache, clave, ops) => get.sync(cache, clave, ops) +x.saca.sinc.porHacheo = (cache, hacheo, ops) => get.sync.byDigest(cache, hacheo, ops) +x.saca.flujo = (cache, clave, ops) => get.stream(cache, clave, ops) +x.saca.flujo.porHacheo = (cache, hacheo, ops) => get.stream.byDigest(cache, hacheo, ops) +x.sava.copia = (cache, clave, destino, opts) => get.copy(cache, clave, destino, opts) +x.sava.copia.porHacheo = (cache, hacheo, destino, opts) => get.copy.byDigest(cache, hacheo, destino, opts) +x.saca.info = (cache, clave) => get.info(cache, clave) +x.saca.tieneDatos = (cache, hacheo) => get.hasContent(cache, hacheo) +x.saca.tieneDatos.sinc = (cache, hacheo) => get.hasContent.sync(cache, hacheo) + +x.mete = (cache, clave, datos, ops) => put(cache, clave, datos, ops) +x.mete.flujo = (cache, clave, ops) => put.stream(cache, clave, ops) + +x.rm = (cache, clave) => rm.entry(cache, clave) +x.rm.todo = cache => rm.all(cache) +x.rm.entrada = x.rm +x.rm.datos = (cache, hacheo) => rm.content(cache, hacheo) + +x.ponLenguaje = lang => setLocale(lang) +x.limpiaMemoizado = () => clearMemoized() + +x.tmp = {} +x.tmp.mkdir = (cache, ops) => tmp.mkdir(cache, ops) +x.tmp.hazdir = x.tmp.mkdir +x.tmp.conTmp = (cache, ops, cb) => tmp.withTmp(cache, ops, cb) + +x.verifica = (cache, ops) => verify(cache, ops) +x.verifica.ultimaVez = cache => verify.lastRun(cache) +x.verifica.últimaVez = x.verifica.ultimaVez diff --git a/node_modules/pacote/node_modules/cacache/locales/es.json b/node_modules/pacote/node_modules/cacache/locales/es.json new file mode 100644 index 0000000000000..a91d76225b43f --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/locales/es.json @@ -0,0 +1,6 @@ +{ + "No cache entry for `%s` found in `%s`": "No existe ninguna entrada para «%s» en «%s»", + "Integrity verification failed for %s (%s)": "Verificación de integridad falló para «%s» (%s)", + "Bad data size: expected inserted data to be %s bytes, but got %s instead": "Tamaño incorrecto de datos: los datos insertados debieron haber sido %s octetos, pero fueron %s", + "Cache input stream was empty": "El stream de entrada al caché estaba vacío" +} diff --git a/node_modules/pacote/node_modules/cacache/ls.js b/node_modules/pacote/node_modules/cacache/ls.js new file mode 100644 index 0000000000000..9f49b388ac380 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/ls.js @@ -0,0 +1,6 @@ +'use strict' + +var index = require('./lib/entry-index') + +module.exports = index.ls +module.exports.stream = index.lsStream diff --git a/node_modules/pacote/node_modules/cacache/package.json b/node_modules/pacote/node_modules/cacache/package.json new file mode 100644 index 0000000000000..45e66b910e9fb --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/package.json @@ -0,0 +1,125 @@ +{ + "_from": "cacache@^12.0.0", + "_id": "cacache@12.0.0", + "_inBundle": false, + "_integrity": "sha512-0baf1FhCp16LhN+xDJsOrSiaPDCTD3JegZptVmLDoEbFcT5aT+BeFGt3wcDU3olCP5tpTCXU5sv0+TsKWT9WGQ==", + "_location": "/pacote/cacache", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "cacache@^12.0.0", + "name": "cacache", + "escapedName": "cacache", + "rawSpec": "^12.0.0", + "saveSpec": null, + "fetchSpec": "^12.0.0" + }, + "_requiredBy": [ + "/pacote" + ], + "_resolved": "https://registry.npmjs.org/cacache/-/cacache-12.0.0.tgz", + "_shasum": "1ed91cc306312a53ad688b1563ce4c416faec564", + "_spec": "cacache@^12.0.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/pacote", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/zkat/cacache/issues" + }, + "bundleDependencies": false, + "cache-version": { + "content": "2", + "index": "5" + }, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "contributors": [ + { + "name": "Charlotte Spencer", + "email": "charlottelaspencer@gmail.com" + }, + { + "name": "Rebecca Turner", + "email": "me@re-becca.org" + } + ], + "dependencies": { + "bluebird": "^3.5.5", + "chownr": "^1.1.1", + "figgy-pudding": "^3.5.1", + "glob": "^7.1.4", + "graceful-fs": "^4.1.15", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "mkdirp": "^0.5.1", + "move-concurrently": "^1.0.1", + "promise-inflight": "^1.0.1", + "rimraf": "^2.6.3", + "ssri": "^6.0.1", + "unique-filename": "^1.1.1", + "y18n": "^4.0.0" + }, + "deprecated": false, + "description": "Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache.", + "devDependencies": { + "benchmark": "^2.1.4", + "chalk": "^2.4.2", + "cross-env": "^5.1.4", + "require-inject": "^1.4.4", + "standard": "^12.0.1", + "standard-version": "^6.0.1", + "tacks": "^1.3.0", + "tap": "^12.7.0", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.9" + }, + "files": [ + "*.js", + "lib", + "locales" + ], + "homepage": "https://github.com/zkat/cacache#readme", + "keywords": [ + "cache", + "caching", + "content-addressable", + "sri", + "sri hash", + "subresource integrity", + "cache", + "storage", + "store", + "file store", + "filesystem", + "disk cache", + "disk storage" + ], + "license": "ISC", + "main": "index.js", + "name": "cacache", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/cacache.git" + }, + "scripts": { + "benchmarks": "node test/benchmarks", + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "cross-env CACACHE_UPDATE_LOCALE_FILES=true tap --coverage --nyc-arg=--all -J test/*.js", + "test-docker": "docker run -it --rm --name pacotest -v \"$PWD\":/tmp -w /tmp node:latest npm test", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "12.0.0" +} diff --git a/node_modules/pacote/node_modules/cacache/put.js b/node_modules/pacote/node_modules/cacache/put.js new file mode 100644 index 0000000000000..a400639303a44 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/put.js @@ -0,0 +1,86 @@ +'use strict' + +const figgyPudding = require('figgy-pudding') +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const write = require('./lib/content/write') +const to = require('mississippi').to + +const PutOpts = figgyPudding({ + algorithms: { + default: ['sha512'] + }, + integrity: {}, + memoize: {}, + metadata: {}, + pickAlgorithm: {}, + size: {}, + tmpPrefix: {}, + single: {}, + sep: {}, + error: {}, + strict: {} +}) + +module.exports = putData +function putData (cache, key, data, opts) { + opts = PutOpts(opts) + return write(cache, data, opts).then(res => { + return index.insert( + cache, key, res.integrity, opts.concat({ size: res.size }) + ).then(entry => { + if (opts.memoize) { + memo.put(cache, entry, data, opts) + } + return res.integrity + }) + }) +} + +module.exports.stream = putStream +function putStream (cache, key, opts) { + opts = PutOpts(opts) + let integrity + let size + const contentStream = write.stream( + cache, opts + ).on('integrity', int => { + integrity = int + }).on('size', s => { + size = s + }) + let memoData + let memoTotal = 0 + const stream = to((chunk, enc, cb) => { + contentStream.write(chunk, enc, () => { + if (opts.memoize) { + if (!memoData) { memoData = [] } + memoData.push(chunk) + memoTotal += chunk.length + } + cb() + }) + }, cb => { + contentStream.end(() => { + index.insert(cache, key, integrity, opts.concat({ size })).then(entry => { + if (opts.memoize) { + memo.put(cache, entry, Buffer.concat(memoData, memoTotal), opts) + } + stream.emit('integrity', integrity) + cb() + }) + }) + }) + let erred = false + stream.once('error', err => { + if (erred) { return } + erred = true + contentStream.emit('error', err) + }) + contentStream.once('error', err => { + if (erred) { return } + erred = true + stream.emit('error', err) + }) + return stream +} diff --git a/node_modules/pacote/node_modules/cacache/rm.js b/node_modules/pacote/node_modules/cacache/rm.js new file mode 100644 index 0000000000000..e71a1d27b4cf8 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/rm.js @@ -0,0 +1,28 @@ +'use strict' + +const BB = require('bluebird') + +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const path = require('path') +const rimraf = BB.promisify(require('rimraf')) +const rmContent = require('./lib/content/rm') + +module.exports = entry +module.exports.entry = entry +function entry (cache, key) { + memo.clearMemoized() + return index.delete(cache, key) +} + +module.exports.content = content +function content (cache, integrity) { + memo.clearMemoized() + return rmContent(cache, integrity) +} + +module.exports.all = all +function all (cache) { + memo.clearMemoized() + return rimraf(path.join(cache, '*(content-*|index-*)')) +} diff --git a/node_modules/pacote/node_modules/cacache/verify.js b/node_modules/pacote/node_modules/cacache/verify.js new file mode 100644 index 0000000000000..db7763d7afd07 --- /dev/null +++ b/node_modules/pacote/node_modules/cacache/verify.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./lib/verify') diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/pacote/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 0000000000000..fc6ba4f7e3fec --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,228 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + + +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + + +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + + +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + + +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + + +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + + +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + + +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + + +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + + +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + + +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + + +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + + +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + + +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + + +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + + +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + + +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + + +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + + +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + + +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/pacote/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/README.md b/node_modules/pacote/node_modules/npm-registry-fetch/README.md new file mode 100644 index 0000000000000..0c3f4f9469955 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [![npm version](https://img.shields.io/npm/v/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![license](https://img.shields.io/npm/l/npm-registry-fetch.svg)](https://npm.im/npm-registry-fetch) [![Travis](https://img.shields.io/travis/npm/npm-registry-fetch/latest.svg)](https://travis-ci.org/npm/npm-registry-fetch) [![AppVeyor](https://img.shields.io/appveyor/ci/zkat/npm-registry-fetch/latest.svg)](https://ci.appveyor.com/project/npm/npm-registry-fetch) [![Coverage Status](https://coveralls.io/repos/github/npm/npm-registry-fetch/badge.svg?branch=latest)](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### `> fetch(url, [opts]) -> Promise` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### `> fetch.json(url, [opts]) -> Promise` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### `opts.:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@/node@+ ()'` + +User agent string to send in the `User-Agent` header. + +##### `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/auth.js b/node_modules/pacote/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 0000000000000..d583982d0a8b2 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/check-response.js b/node_modules/pacote/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 0000000000000..bfde699edcfbd --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/config.js b/node_modules/pacote/node_modules/npm-registry-fetch/config.js new file mode 100644 index 0000000000000..1c43b26eadd4c --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/errors.js b/node_modules/pacote/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 0000000000000..ba78735fce135 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/index.js b/node_modules/pacote/node_modules/npm-registry-fetch/index.js new file mode 100644 index 0000000000000..c18487388b269 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/package.json b/node_modules/pacote/node_modules/npm-registry-fetch/package.json new file mode 100644 index 0000000000000..03bf89639a50c --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,92 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.0", + "_inBundle": false, + "_integrity": "sha512-Jllq35Jag8dtv0M17ue74XtdQTyqKzuAYGiX9mAjOhkmNjib3bBUgK6mUY61+AHnXeSRobQkpY3/xIOS/omptw==", + "_location": "/pacote/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/pacote" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.0.tgz", + "_shasum": "5ef75845b605855c7964472542c25da172af8677", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/isaacs/dev/npm/cli/node_modules/pacote", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.0" +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/silentlog.js b/node_modules/pacote/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 0000000000000..886c5d55b2dbb --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/pacote/package.json b/node_modules/pacote/package.json index 9a3219b0fa9dd..61f4be8e1e78a 100644 --- a/node_modules/pacote/package.json +++ b/node_modules/pacote/package.json @@ -5,7 +5,24 @@ "_integrity": "sha512-nWr0ari6E+apbdoN0hToTKZElO5h4y8DGFa2pyNA5GQIdcP0imC96bA0bbPw1gpeguVIiUgHHaAlq/6xfPp8Qw==", "_location": "/pacote", "_phantomChildren": { + "JSONStream": "1.3.5", + "bluebird": "3.5.5", + "chownr": "1.1.2", + "figgy-pudding": "3.5.1", + "glob": "7.1.4", + "graceful-fs": "4.2.0", + "lru-cache": "5.1.1", + "make-fetch-happen": "5.0.0", + "mississippi": "3.0.0", + "mkdirp": "0.5.1", + "move-concurrently": "1.0.1", + "npm-package-arg": "6.1.0", + "promise-inflight": "1.0.1", + "rimraf": "2.6.3", "safe-buffer": "5.1.2", + "ssri": "6.0.1", + "unique-filename": "1.1.1", + "y18n": "4.0.0", "yallist": "3.0.3" }, "_requested": { @@ -21,7 +38,8 @@ "_requiredBy": [ "#USER", "/", - "/libcipm" + "/libcipm", + "/libnpm" ], "_resolved": "https://registry.npmjs.org/pacote/-/pacote-9.5.4.tgz", "_shasum": "8baa26f3d1326d13dc2fe0fe84040a364ae30aad", diff --git a/package-lock.json b/package-lock.json index cbad3cc685648..a67e718b5cb53 100644 --- a/package-lock.json +++ b/package-lock.json @@ -3106,6 +3106,39 @@ "pacote": "^9.2.3", "read-package-json": "^2.0.13", "stringify-package": "^1.0.0" + }, + "dependencies": { + "make-fetch-happen": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "requires": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + } + }, + "npm-registry-fetch": { + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + } + } } }, "libnpmaccess": { @@ -3123,6 +3156,37 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/aproba/-/aproba-2.0.0.tgz", "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" + }, + "make-fetch-happen": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "requires": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + } + }, + "npm-registry-fetch": { + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + } } } }, @@ -3185,6 +3249,39 @@ "figgy-pudding": "^3.4.1", "get-stream": "^4.0.0", "npm-registry-fetch": "^3.8.0" + }, + "dependencies": { + "make-fetch-happen": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "requires": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + } + }, + "npm-registry-fetch": { + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + } + } } }, "libnpmorg": { @@ -3202,6 +3299,37 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/aproba/-/aproba-2.0.0.tgz", "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" + }, + "make-fetch-happen": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "requires": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + } + }, + "npm-registry-fetch": { + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + } } } }, @@ -3219,6 +3347,39 @@ "npm-registry-fetch": "^3.8.0", "semver": "^5.5.1", "ssri": "^6.0.1" + }, + "dependencies": { + "make-fetch-happen": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "requires": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + } + }, + "npm-registry-fetch": { + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + } + } } }, "libnpmsearch": { @@ -3229,6 +3390,39 @@ "figgy-pudding": "^3.5.1", "get-stream": "^4.0.0", "npm-registry-fetch": "^3.8.0" + }, + "dependencies": { + "make-fetch-happen": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "requires": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + } + }, + "npm-registry-fetch": { + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + } + } } }, "libnpmteam": { @@ -3246,6 +3440,37 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/aproba/-/aproba-2.0.0.tgz", "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" + }, + "make-fetch-happen": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "requires": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + } + }, + "npm-registry-fetch": { + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + } } } }, @@ -3880,6 +4105,39 @@ "aproba": "^1.1.2 || 2", "figgy-pudding": "^3.4.1", "npm-registry-fetch": "^3.8.0" + }, + "dependencies": { + "make-fetch-happen": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", + "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", + "requires": { + "agentkeepalive": "^3.4.1", + "cacache": "^11.3.3", + "http-cache-semantics": "^3.8.1", + "http-proxy-agent": "^2.1.0", + "https-proxy-agent": "^2.2.1", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "node-fetch-npm": "^2.0.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^6.0.0" + } + }, + "npm-registry-fetch": { + "version": "3.9.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", + "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^4.0.2", + "npm-package-arg": "^6.1.0" + } + } } }, "npm-registry-couchapp": { @@ -3902,36 +4160,16 @@ } }, "npm-registry-fetch": { - "version": "3.9.1", - "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-3.9.1.tgz", - "integrity": "sha512-VQCEZlydXw4AwLROAXWUR7QDfe2Y8Id/vpAgp6TI1/H78a4SiQ1kQrKZALm5/zxM5n4HIi+aYb+idUAV/RuY0Q==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.0.tgz", + "integrity": "sha512-Jllq35Jag8dtv0M17ue74XtdQTyqKzuAYGiX9mAjOhkmNjib3bBUgK6mUY61+AHnXeSRobQkpY3/xIOS/omptw==", "requires": { "JSONStream": "^1.3.4", "bluebird": "^3.5.1", "figgy-pudding": "^3.4.1", "lru-cache": "^5.1.1", - "make-fetch-happen": "^4.0.2", + "make-fetch-happen": "^5.0.0", "npm-package-arg": "^6.1.0" - }, - "dependencies": { - "make-fetch-happen": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-4.0.2.tgz", - "integrity": "sha512-YMJrAjHSb/BordlsDEcVcPyTbiJKkzqMf48N8dAJZT9Zjctrkb6Yg4TY9Sq2AwSIQJFn5qBBKVTYt3vP5FMIHA==", - "requires": { - "agentkeepalive": "^3.4.1", - "cacache": "^11.3.3", - "http-cache-semantics": "^3.8.1", - "http-proxy-agent": "^2.1.0", - "https-proxy-agent": "^2.2.1", - "lru-cache": "^5.1.1", - "mississippi": "^3.0.0", - "node-fetch-npm": "^2.0.2", - "promise-retry": "^1.1.1", - "socks-proxy-agent": "^4.0.0", - "ssri": "^6.0.0" - } - } } }, "npm-registry-mock": { diff --git a/package.json b/package.json index c5e5813d1cb1a..14511136b2ac0 100644 --- a/package.json +++ b/package.json @@ -99,7 +99,7 @@ "npm-package-arg": "^6.1.0", "npm-packlist": "^1.4.4", "npm-pick-manifest": "^2.2.3", - "npm-registry-fetch": "^3.9.1", + "npm-registry-fetch": "^4.0.0", "npm-user-validate": "~1.0.0", "npmlog": "~4.1.2", "once": "~1.4.0",