Skip to content

Commit

Permalink
deps!: pacote@21.0.0
Browse files Browse the repository at this point in the history
BREAKING CHANGE: `bun.lockb` files are now included in the strict ignore list during packing
  • Loading branch information
wraithgar committed Dec 2, 2024
1 parent 4906f3d commit ca84b22
Show file tree
Hide file tree
Showing 32 changed files with 2,467 additions and 40 deletions.
2 changes: 1 addition & 1 deletion mock-registry/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@
"json-stringify-safe": "^5.0.1",
"nock": "^13.3.3",
"npm-package-arg": "^12.0.0",
"pacote": "^20.0.0",
"pacote": "^21.0.0",
"tap": "^16.3.8"
}
}
8 changes: 5 additions & 3 deletions node_modules/.gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,10 @@
!/@npmcli/installed-package-contents
!/@npmcli/map-workspaces
!/@npmcli/metavuln-calculator
!/@npmcli/metavuln-calculator/node_modules/
/@npmcli/metavuln-calculator/node_modules/*
!/@npmcli/metavuln-calculator/node_modules/npm-packlist
!/@npmcli/metavuln-calculator/node_modules/pacote
!/@npmcli/name-from-folder
!/@npmcli/node-gyp
!/@npmcli/package-json
Expand Down Expand Up @@ -175,6 +179,7 @@
!/npm-install-checks
!/npm-normalize-package-bin
!/npm-package-arg
!/npm-packlist
!/npm-pick-manifest
!/npm-profile
!/npm-registry-fetch
Expand All @@ -185,9 +190,6 @@
!/p-map
!/package-json-from-dist
!/pacote
!/pacote/node_modules/
/pacote/node_modules/*
!/pacote/node_modules/npm-packlist
!/parse-conflict-json
!/path-key
!/path-scurry
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
The ISC License

Copyright (c) Isaac Z. Schlueter, Kat Marchán, npm, Inc., and Contributors

Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Original file line number Diff line number Diff line change
@@ -0,0 +1,158 @@
#!/usr/bin/env node

const run = conf => {
const pacote = require('../')
switch (conf._[0]) {
case 'resolve':
case 'manifest':
case 'packument':
if (conf._[0] === 'resolve' && conf.long) {
return pacote.manifest(conf._[1], conf).then(mani => ({
resolved: mani._resolved,
integrity: mani._integrity,
from: mani._from,
}))
}
return pacote[conf._[0]](conf._[1], conf)

case 'tarball':
if (!conf._[2] || conf._[2] === '-') {
return pacote.tarball.stream(conf._[1], stream => {
stream.pipe(
conf.testStdout ||
/* istanbul ignore next */
process.stdout
)
// make sure it resolves something falsey
return stream.promise().then(() => {
return false
})
}, conf)
} else {
return pacote.tarball.file(conf._[1], conf._[2], conf)
}

case 'extract':
return pacote.extract(conf._[1], conf._[2], conf)

default: /* istanbul ignore next */ {
throw new Error(`bad command: ${conf._[0]}`)
}
}
}

const version = require('../package.json').version
const usage = () =>
`Pacote - The JavaScript Package Handler, v${version}
Usage:
pacote resolve <spec>
Resolve a specifier and output the fully resolved target
Returns integrity and from if '--long' flag is set.
pacote manifest <spec>
Fetch a manifest and print to stdout
pacote packument <spec>
Fetch a full packument and print to stdout
pacote tarball <spec> [<filename>]
Fetch a package tarball and save to <filename>
If <filename> is missing or '-', the tarball will be streamed to stdout.
pacote extract <spec> <folder>
Extract a package to the destination folder.
Configuration values all match the names of configs passed to npm, or
options passed to Pacote. Additional flags for this executable:
--long Print an object from 'resolve', including integrity and spec.
--json Print result objects as JSON rather than node's default.
(This is the default if stdout is not a TTY.)
--help -h Print this helpful text.
For example '--cache=/path/to/folder' will use that folder as the cache.
`

const shouldJSON = (conf, result) =>
conf.json ||
!process.stdout.isTTY &&
conf.json === undefined &&
result &&
typeof result === 'object'

const pretty = (conf, result) =>
shouldJSON(conf, result) ? JSON.stringify(result, 0, 2) : result

let addedLogListener = false
const main = args => {
const conf = parse(args)
if (conf.help || conf.h) {
return console.log(usage())
}

if (!addedLogListener) {
process.on('log', console.error)
addedLogListener = true
}

try {
return run(conf)
.then(result => result && console.log(pretty(conf, result)))
.catch(er => {
console.error(er)
process.exit(1)
})
} catch (er) {
console.error(er.message)
console.error(usage())
}
}

const parseArg = arg => {
const split = arg.slice(2).split('=')
const k = split.shift()
const v = split.join('=')
const no = /^no-/.test(k) && !v
const key = (no ? k.slice(3) : k)
.replace(/^tag$/, 'defaultTag')
.replace(/-([a-z])/g, (_, c) => c.toUpperCase())
const value = v ? v.replace(/^~/, process.env.HOME) : !no
return { key, value }
}

const parse = args => {
const conf = {
_: [],
cache: process.env.HOME + '/.npm/_cacache',
}
let dashdash = false
args.forEach(arg => {
if (dashdash) {
conf._.push(arg)
} else if (arg === '--') {
dashdash = true
} else if (arg === '-h') {
conf.help = true
} else if (/^--/.test(arg)) {
const { key, value } = parseArg(arg)
conf[key] = value
} else {
conf._.push(arg)
}
})
return conf
}

if (module === require.main) {
main(process.argv.slice(2))
} else {
module.exports = {
main,
run,
usage,
parseArg,
parse,
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
const { resolve } = require('node:path')
const packlist = require('npm-packlist')
const runScript = require('@npmcli/run-script')
const tar = require('tar')
const { Minipass } = require('minipass')
const Fetcher = require('./fetcher.js')
const FileFetcher = require('./file.js')
const _ = require('./util/protected.js')
const tarCreateOptions = require('./util/tar-create-options.js')

class DirFetcher extends Fetcher {
constructor (spec, opts) {
super(spec, opts)
// just the fully resolved filename
this.resolved = this.spec.fetchSpec

this.tree = opts.tree || null
this.Arborist = opts.Arborist || null
}

// exposes tarCreateOptions as public API
static tarCreateOptions (manifest) {
return tarCreateOptions(manifest)
}

get types () {
return ['directory']
}

#prepareDir () {
return this.manifest().then(mani => {
if (!mani.scripts || !mani.scripts.prepare) {
return
}
if (this.opts.ignoreScripts) {
return
}

// we *only* run prepare.
// pre/post-pack is run by the npm CLI for publish and pack,
// but this function is *also* run when installing git deps
const stdio = this.opts.foregroundScripts ? 'inherit' : 'pipe'

return runScript({
// this || undefined is because runScript will be unhappy with the default null value
scriptShell: this.opts.scriptShell || undefined,
pkg: mani,
event: 'prepare',
path: this.resolved,
stdio,
env: {
npm_package_resolved: this.resolved,
npm_package_integrity: this.integrity,
npm_package_json: resolve(this.resolved, 'package.json'),
},
})
})
}

[_.tarballFromResolved] () {
if (!this.tree && !this.Arborist) {
throw new Error('DirFetcher requires either a tree or an Arborist constructor to pack')
}

const stream = new Minipass()
stream.resolved = this.resolved
stream.integrity = this.integrity

const { prefix, workspaces } = this.opts

// run the prepare script, get the list of files, and tar it up
// pipe to the stream, and proxy errors the chain.
this.#prepareDir()
.then(async () => {
if (!this.tree) {
const arb = new this.Arborist({ path: this.resolved })
this.tree = await arb.loadActual()
}
return packlist(this.tree, { path: this.resolved, prefix, workspaces })
})
.then(files => tar.c(tarCreateOptions(this.package), files)
.on('error', er => stream.emit('error', er)).pipe(stream))
.catch(er => stream.emit('error', er))
return stream
}

manifest () {
if (this.package) {
return Promise.resolve(this.package)
}

return this[_.readPackageJson](this.resolved)
.then(mani => this.package = {
...mani,
_integrity: this.integrity && String(this.integrity),
_resolved: this.resolved,
_from: this.from,
})
}

packument () {
return FileFetcher.prototype.packument.apply(this)
}
}
module.exports = DirFetcher
Loading

0 comments on commit ca84b22

Please sign in to comment.