From 952ea1abd26821514f21e9b43318ab0a71f0969b Mon Sep 17 00:00:00 2001 From: Matthew Davidson Date: Tue, 20 Dec 2016 13:53:27 +0000 Subject: [PATCH] Fix for #322 - require wrapper now serves only to check against dependency whitelist --- npm-shrinkwrap.json | 523 ++++++++---------- package.json | 1 + src/cli/domain/package-server-script.js | 4 +- src/registry/domain/dependencies-resolver.js | 41 -- src/registry/domain/options-sanitiser.js | 5 - src/registry/domain/require-wrapper.js | 27 +- src/resources/index.js | 5 - test/unit/cli-domain-package-server-script.js | 30 +- test/unit/registry-domain-require-wrapper.js | 67 ++- test/unit/registry-routes-component.js | 6 +- 10 files changed, 339 insertions(+), 370 deletions(-) delete mode 100644 src/registry/domain/dependencies-resolver.js diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 5be66f107..6cbe99540 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -7,6 +7,11 @@ "from": "accept-language-parser@1.1.2", "resolved": "https://registry.npmjs.org/accept-language-parser/-/accept-language-parser-1.1.2.tgz" }, + "amdefine": { + "version": "1.0.1", + "from": "amdefine@>=0.0.4", + "resolved": "https://registry.npmjs.org/amdefine/-/amdefine-1.0.1.tgz" + }, "async": { "version": "1.5.2", "from": "async@1.5.2", @@ -158,6 +163,11 @@ "from": "basic-auth@>=1.0.3 <1.1.0", "resolved": "https://registry.npmjs.org/basic-auth/-/basic-auth-1.0.4.tgz" }, + "commander": { + "version": "2.6.0", + "from": "commander@2.6.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-2.6.0.tgz" + }, "connect": { "version": "2.30.2", "from": "connect@2.30.2", @@ -219,11 +229,6 @@ "from": "bytes@2.1.0", "resolved": "https://registry.npmjs.org/bytes/-/bytes-2.1.0.tgz" }, - "cookie-parser": { - "version": "1.3.5", - "from": "cookie-parser@>=1.3.5 <1.4.0", - "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.3.5.tgz" - }, "compression": { "version": "1.5.2", "from": "compression@>=1.5.2 <1.6.0", @@ -247,9 +252,9 @@ } }, "negotiator": { - "version": "0.6.1", - "from": "negotiator@>=0.6.1 <0.7.0", - "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz" + "version": "0.5.3", + "from": "negotiator@0.5.3", + "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.5.3.tgz" } } }, @@ -279,6 +284,11 @@ } } }, + "cookie-parser": { + "version": "1.3.5", + "from": "cookie-parser@>=1.3.5 <1.4.0", + "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.3.5.tgz" + }, "csurf": { "version": "1.8.3", "from": "csurf@>=1.8.3 <1.9.0", @@ -467,6 +477,11 @@ "from": "core-util-is@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz" }, + "inherits": { + "version": "2.0.1", + "from": "inherits@>=2.0.1 <2.1.0", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.1.tgz" + }, "isarray": { "version": "0.0.1", "from": "isarray@0.0.1", @@ -476,11 +491,6 @@ "version": "0.10.31", "from": "string_decoder@>=0.10.0 <0.11.0", "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz" - }, - "inherits": { - "version": "2.0.1", - "from": "inherits@>=2.0.1 <2.1.0", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.1.tgz" } } }, @@ -534,9 +544,9 @@ "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.2.13.tgz", "dependencies": { "negotiator": { - "version": "0.6.1", - "from": "negotiator@>=0.6.1 <0.7.0", - "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz" + "version": "0.5.3", + "from": "negotiator@0.5.3", + "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.5.3.tgz" } } }, @@ -661,11 +671,6 @@ "from": "content-type@>=1.0.1 <1.1.0", "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.2.tgz" }, - "commander": { - "version": "2.6.0", - "from": "commander@2.6.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-2.6.0.tgz" - }, "cookie": { "version": "0.1.3", "from": "cookie@0.1.3", @@ -852,6 +857,11 @@ "from": "form-data@0.1.4", "resolved": "https://registry.npmjs.org/form-data/-/form-data-0.1.4.tgz", "dependencies": { + "async": { + "version": "0.9.2", + "from": "async@>=0.9.0 <0.10.0", + "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz" + }, "combined-stream": { "version": "0.0.7", "from": "combined-stream@>=0.0.4 <0.1.0", @@ -868,11 +878,6 @@ "version": "1.2.11", "from": "mime@>=1.2.11 <1.3.0", "resolved": "https://registry.npmjs.org/mime/-/mime-1.2.11.tgz" - }, - "async": { - "version": "0.9.2", - "from": "async@>=0.9.0 <0.10.0", - "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz" } } }, @@ -990,15 +995,15 @@ "from": "optimist@>=0.6.1 <0.7.0", "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz", "dependencies": { - "wordwrap": { - "version": "0.0.3", - "from": "wordwrap@>=0.0.2 <0.1.0", - "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz" - }, "minimist": { "version": "0.0.10", "from": "minimist@>=0.0.1 <0.1.0", "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.10.tgz" + }, + "wordwrap": { + "version": "0.0.3", + "from": "wordwrap@>=0.0.2 <0.1.0", + "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz" } } }, @@ -1018,75 +1023,89 @@ "version": "2.6.4", "from": "uglify-js@>=2.6.0 <3.0.0", "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.6.4.tgz", + "optional": true, "dependencies": { "async": { "version": "0.2.10", "from": "async@>=0.2.6 <0.3.0", - "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz" + "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz", + "optional": true }, "source-map": { "version": "0.5.6", "from": "source-map@>=0.5.1 <0.6.0", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.6.tgz" + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.6.tgz", + "optional": true }, "uglify-to-browserify": { "version": "1.0.2", "from": "uglify-to-browserify@>=1.0.0 <1.1.0", - "resolved": "https://registry.npmjs.org/uglify-to-browserify/-/uglify-to-browserify-1.0.2.tgz" + "resolved": "https://registry.npmjs.org/uglify-to-browserify/-/uglify-to-browserify-1.0.2.tgz", + "optional": true }, "yargs": { "version": "3.10.0", "from": "yargs@>=3.10.0 <3.11.0", "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.10.0.tgz", + "optional": true, "dependencies": { "camelcase": { "version": "1.2.1", "from": "camelcase@>=1.0.2 <2.0.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-1.2.1.tgz" + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-1.2.1.tgz", + "optional": true }, "cliui": { "version": "2.1.0", "from": "cliui@>=2.1.0 <3.0.0", "resolved": "https://registry.npmjs.org/cliui/-/cliui-2.1.0.tgz", + "optional": true, "dependencies": { "center-align": { "version": "0.1.3", "from": "center-align@>=0.1.1 <0.2.0", "resolved": "https://registry.npmjs.org/center-align/-/center-align-0.1.3.tgz", + "optional": true, "dependencies": { "align-text": { "version": "0.1.4", "from": "align-text@>=0.1.1 <0.2.0", "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", + "optional": true, "dependencies": { "kind-of": { "version": "3.0.3", "from": "kind-of@>=3.0.2 <4.0.0", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.0.3.tgz", + "optional": true, "dependencies": { "is-buffer": { "version": "1.1.3", "from": "is-buffer@>=1.0.2 <2.0.0", - "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.3.tgz" + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.3.tgz", + "optional": true } } }, "longest": { "version": "1.0.1", "from": "longest@>=1.0.1 <2.0.0", - "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz" + "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz", + "optional": true }, "repeat-string": { "version": "1.5.4", "from": "repeat-string@>=1.5.2 <2.0.0", - "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.5.4.tgz" + "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.5.4.tgz", + "optional": true } } }, "lazy-cache": { "version": "1.0.4", "from": "lazy-cache@>=1.0.3 <2.0.0", - "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-1.0.4.tgz" + "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-1.0.4.tgz", + "optional": true } } }, @@ -1094,33 +1113,39 @@ "version": "0.1.3", "from": "right-align@>=0.1.1 <0.2.0", "resolved": "https://registry.npmjs.org/right-align/-/right-align-0.1.3.tgz", + "optional": true, "dependencies": { "align-text": { "version": "0.1.4", "from": "align-text@>=0.1.1 <0.2.0", "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", + "optional": true, "dependencies": { "kind-of": { "version": "3.0.3", "from": "kind-of@>=3.0.2 <4.0.0", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.0.3.tgz", + "optional": true, "dependencies": { "is-buffer": { "version": "1.1.3", "from": "is-buffer@>=1.0.2 <2.0.0", - "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.3.tgz" + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.3.tgz", + "optional": true } } }, "longest": { "version": "1.0.1", "from": "longest@>=1.0.1 <2.0.0", - "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz" + "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz", + "optional": true }, "repeat-string": { "version": "1.5.4", "from": "repeat-string@>=1.5.2 <2.0.0", - "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.5.4.tgz" + "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.5.4.tgz", + "optional": true } } } @@ -1129,19 +1154,22 @@ "wordwrap": { "version": "0.0.2", "from": "wordwrap@0.0.2", - "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.2.tgz" + "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.2.tgz", + "optional": true } } }, "decamelize": { "version": "1.2.0", "from": "decamelize@>=1.0.0 <2.0.0", - "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz" + "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", + "optional": true }, "window-size": { "version": "0.1.0", "from": "window-size@0.1.0", - "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.0.tgz" + "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.0.tgz", + "optional": true } } } @@ -1212,23 +1240,21 @@ } } }, + "optimist": { + "version": "0.3.7", + "from": "optimist@>=0.3.5 <0.4.0", + "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.3.7.tgz" + }, + "source-map": { + "version": "0.1.43", + "from": "source-map@>=0.1.7 <0.2.0", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.43.tgz" + }, "transformers": { "version": "2.1.0", "from": "transformers@2.1.0", "resolved": "https://registry.npmjs.org/transformers/-/transformers-2.1.0.tgz", "dependencies": { - "promise": { - "version": "2.0.0", - "from": "promise@>=2.0.0 <2.1.0", - "resolved": "https://registry.npmjs.org/promise/-/promise-2.0.0.tgz", - "dependencies": { - "is-promise": { - "version": "1.0.1", - "from": "is-promise@>=1.0.0 <2.0.0", - "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-1.0.1.tgz" - } - } - }, "css": { "version": "1.0.8", "from": "css@>=1.0.8 <1.1.0", @@ -1246,138 +1272,22 @@ } } }, - "uglify-js": { - "version": "2.6.4", - "from": "uglify-js@2.6.4", - "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.6.4.tgz", + "promise": { + "version": "2.0.0", + "from": "promise@>=2.0.0 <2.1.0", + "resolved": "https://registry.npmjs.org/promise/-/promise-2.0.0.tgz", "dependencies": { - "async": { - "version": "0.2.10", - "from": "async@>=0.2.6 <0.3.0", - "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz" - }, - "source-map": { - "version": "0.5.6", - "from": "source-map@>=0.5.1 <0.6.0", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.6.tgz" - }, - "uglify-to-browserify": { - "version": "1.0.2", - "from": "uglify-to-browserify@>=1.0.0 <1.1.0", - "resolved": "https://registry.npmjs.org/uglify-to-browserify/-/uglify-to-browserify-1.0.2.tgz" - }, - "yargs": { - "version": "3.10.0", - "from": "yargs@>=3.10.0 <3.11.0", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.10.0.tgz", - "dependencies": { - "camelcase": { - "version": "1.2.1", - "from": "camelcase@>=1.0.2 <2.0.0", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-1.2.1.tgz" - }, - "cliui": { - "version": "2.1.0", - "from": "cliui@>=2.1.0 <3.0.0", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-2.1.0.tgz", - "dependencies": { - "center-align": { - "version": "0.1.3", - "from": "center-align@>=0.1.1 <0.2.0", - "resolved": "https://registry.npmjs.org/center-align/-/center-align-0.1.3.tgz", - "dependencies": { - "align-text": { - "version": "0.1.4", - "from": "align-text@>=0.1.1 <0.2.0", - "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", - "dependencies": { - "kind-of": { - "version": "3.0.3", - "from": "kind-of@>=3.0.2 <4.0.0", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.0.3.tgz", - "dependencies": { - "is-buffer": { - "version": "1.1.3", - "from": "is-buffer@>=1.0.2 <2.0.0", - "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.3.tgz" - } - } - }, - "longest": { - "version": "1.0.1", - "from": "longest@>=1.0.1 <2.0.0", - "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz" - }, - "repeat-string": { - "version": "1.5.4", - "from": "repeat-string@>=1.5.2 <2.0.0", - "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.5.4.tgz" - } - } - }, - "lazy-cache": { - "version": "1.0.4", - "from": "lazy-cache@>=1.0.3 <2.0.0", - "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-1.0.4.tgz" - } - } - }, - "right-align": { - "version": "0.1.3", - "from": "right-align@>=0.1.1 <0.2.0", - "resolved": "https://registry.npmjs.org/right-align/-/right-align-0.1.3.tgz", - "dependencies": { - "align-text": { - "version": "0.1.4", - "from": "align-text@>=0.1.1 <0.2.0", - "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", - "dependencies": { - "kind-of": { - "version": "3.0.3", - "from": "kind-of@>=3.0.2 <4.0.0", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.0.3.tgz", - "dependencies": { - "is-buffer": { - "version": "1.1.3", - "from": "is-buffer@>=1.0.2 <2.0.0", - "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.3.tgz" - } - } - }, - "longest": { - "version": "1.0.1", - "from": "longest@>=1.0.1 <2.0.0", - "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz" - }, - "repeat-string": { - "version": "1.5.4", - "from": "repeat-string@>=1.5.2 <2.0.0", - "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.5.4.tgz" - } - } - } - } - }, - "wordwrap": { - "version": "0.0.2", - "from": "wordwrap@0.0.2", - "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.2.tgz" - } - } - }, - "decamelize": { - "version": "1.2.0", - "from": "decamelize@>=1.0.0 <2.0.0", - "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz" - }, - "window-size": { - "version": "0.1.0", - "from": "window-size@0.1.0", - "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.0.tgz" - } - } + "is-promise": { + "version": "1.0.1", + "from": "is-promise@>=1.0.0 <2.0.0", + "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-1.0.1.tgz" } } + }, + "uglify-js": { + "version": "2.2.5", + "from": "uglify-js@>=2.2.5 <2.3.0", + "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.2.5.tgz" } } }, @@ -1449,6 +1359,11 @@ "from": "core-util-is@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz" }, + "inherits": { + "version": "2.0.1", + "from": "inherits@>=2.0.1 <2.1.0", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.1.tgz" + }, "isarray": { "version": "0.0.1", "from": "isarray@0.0.1", @@ -1458,11 +1373,6 @@ "version": "0.10.31", "from": "string_decoder@>=0.10.0 <0.11.0", "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz" - }, - "inherits": { - "version": "2.0.1", - "from": "inherits@>=2.0.1 <2.1.0", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.1.tgz" } } } @@ -1521,32 +1431,32 @@ "from": "nomnom@1.8.1", "resolved": "https://registry.npmjs.org/nomnom/-/nomnom-1.8.1.tgz", "dependencies": { - "underscore": { - "version": "1.6.0", - "from": "underscore@>=1.6.0 <1.7.0", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.6.0.tgz" - }, "chalk": { "version": "0.4.0", "from": "chalk@>=0.4.0 <0.5.0", "resolved": "https://registry.npmjs.org/chalk/-/chalk-0.4.0.tgz", "dependencies": { - "has-color": { - "version": "0.1.7", - "from": "has-color@>=0.1.0 <0.2.0", - "resolved": "https://registry.npmjs.org/has-color/-/has-color-0.1.7.tgz" - }, "ansi-styles": { "version": "1.0.0", "from": "ansi-styles@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-1.0.0.tgz" }, + "has-color": { + "version": "0.1.7", + "from": "has-color@>=0.1.0 <0.2.0", + "resolved": "https://registry.npmjs.org/has-color/-/has-color-0.1.7.tgz" + }, "strip-ansi": { "version": "0.1.1", "from": "strip-ansi@>=0.1.0 <0.2.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-0.1.1.tgz" } } + }, + "underscore": { + "version": "1.6.0", + "from": "underscore@>=1.6.0 <1.7.0", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.6.0.tgz" } } }, @@ -1560,6 +1470,11 @@ "from": "abbrev@1.0.9", "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.0.9.tgz" }, + "ansi-regex": { + "version": "2.0.0", + "from": "ansi-regex@2.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz" + }, "ansicolors": { "version": "0.3.2", "from": "ansicolors@>=0.3.2 <0.4.0", @@ -1633,6 +1548,11 @@ } } }, + "debuglog": { + "version": "1.0.1", + "from": "debuglog@1.0.1", + "resolved": "https://registry.npmjs.org/debuglog/-/debuglog-1.0.1.tgz" + }, "dezalgo": { "version": "1.0.3", "from": "dezalgo@>=1.0.3 <1.1.0" @@ -1755,6 +1675,11 @@ "from": "iferr@>=0.1.5 <0.2.0", "resolved": "https://registry.npmjs.org/iferr/-/iferr-0.1.5.tgz" }, + "imurmurhash": { + "version": "0.1.4", + "from": "imurmurhash@>=0.1.4 <0.2.0", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz" + }, "inflight": { "version": "1.0.5", "from": "inflight@latest", @@ -1821,6 +1746,11 @@ "from": "lockfile@>=1.0.1 <1.1.0", "resolved": "https://registry.npmjs.org/lockfile/-/lockfile-1.0.1.tgz" }, + "lodash._baseindexof": { + "version": "3.1.0", + "from": "lodash._baseindexof@3.1.0", + "resolved": "https://registry.npmjs.org/lodash._baseindexof/-/lodash._baseindexof-3.1.0.tgz" + }, "lodash._baseuniq": { "version": "4.6.0", "from": "lodash._baseuniq@latest", @@ -1838,11 +1768,36 @@ } } }, + "lodash._bindcallback": { + "version": "3.0.1", + "from": "lodash._bindcallback@3.0.1", + "resolved": "https://registry.npmjs.org/lodash._bindcallback/-/lodash._bindcallback-3.0.1.tgz" + }, + "lodash._cacheindexof": { + "version": "3.0.2", + "from": "lodash._cacheindexof@3.0.2", + "resolved": "https://registry.npmjs.org/lodash._cacheindexof/-/lodash._cacheindexof-3.0.2.tgz" + }, + "lodash._createcache": { + "version": "3.1.2", + "from": "lodash._createcache@3.1.2", + "resolved": "https://registry.npmjs.org/lodash._createcache/-/lodash._createcache-3.1.2.tgz" + }, + "lodash._getnative": { + "version": "3.9.1", + "from": "lodash._getnative@3.9.1", + "resolved": "https://registry.npmjs.org/lodash._getnative/-/lodash._getnative-3.9.1.tgz" + }, "lodash.clonedeep": { "version": "4.5.0", "from": "lodash.clonedeep@4.5.0", "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz" }, + "lodash.restparam": { + "version": "3.6.1", + "from": "lodash.restparam@3.6.1", + "resolved": "https://registry.npmjs.org/lodash.restparam/-/lodash.restparam-3.6.1.tgz" + }, "lodash.union": { "version": "4.6.0", "from": "lodash.union@4.6.0", @@ -2129,16 +2084,19 @@ "version": "3.1.2", "from": "npmlog@>=2.0.0 <2.1.0||>=3.1.0 <3.2.0", "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-3.1.2.tgz", + "optional": true, "dependencies": { "are-we-there-yet": { "version": "1.1.2", "from": "are-we-there-yet@~1.1.2", "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz", + "optional": true, "dependencies": { "delegates": { "version": "1.0.0", "from": "delegates@^1.0.0", - "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz" + "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", + "optional": true } } }, @@ -2151,21 +2109,25 @@ "version": "2.6.0", "from": "gauge@~2.6.0", "resolved": "https://registry.npmjs.org/gauge/-/gauge-2.6.0.tgz", + "optional": true, "dependencies": { "has-color": { "version": "0.1.7", "from": "has-color@^0.1.7", - "resolved": "https://registry.npmjs.org/has-color/-/has-color-0.1.7.tgz" + "resolved": "https://registry.npmjs.org/has-color/-/has-color-0.1.7.tgz", + "optional": true }, "object-assign": { "version": "4.1.0", "from": "object-assign@^4.1.0", - "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.0.tgz" + "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.0.tgz", + "optional": true }, "signal-exit": { "version": "3.0.0", "from": "signal-exit@^3.0.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.0.tgz" + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.0.tgz", + "optional": true }, "string-width": { "version": "1.0.2", @@ -2201,14 +2163,16 @@ "wide-align": { "version": "1.1.0", "from": "wide-align@^1.1.0", - "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.0.tgz" + "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.0.tgz", + "optional": true } } }, "set-blocking": { "version": "2.0.0", "from": "set-blocking@~2.0.0", - "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz" + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "optional": true } } }, @@ -2465,6 +2429,11 @@ } } }, + "readdir-scoped-modules": { + "version": "1.0.2", + "from": "readdir-scoped-modules@1.0.2", + "resolved": "https://registry.npmjs.org/readdir-scoped-modules/-/readdir-scoped-modules-1.0.2.tgz" + }, "realize-package-specifier": { "version": "3.0.3", "from": "realize-package-specifier@>=3.0.2 <3.1.0" @@ -2736,7 +2705,8 @@ "ecc-jsbn": { "version": "0.1.1", "from": "ecc-jsbn@>=0.1.1 <0.2.0", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz" + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz", + "optional": true }, "getpass": { "version": "0.1.6", @@ -2746,17 +2716,20 @@ "jodid25519": { "version": "1.0.2", "from": "jodid25519@>=1.0.0 <2.0.0", - "resolved": "https://registry.npmjs.org/jodid25519/-/jodid25519-1.0.2.tgz" + "resolved": "https://registry.npmjs.org/jodid25519/-/jodid25519-1.0.2.tgz", + "optional": true }, "jsbn": { "version": "0.1.0", "from": "jsbn@>=0.1.0 <0.2.0", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.0.tgz" + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.0.tgz", + "optional": true }, "tweetnacl": { "version": "0.13.3", "from": "tweetnacl@>=0.13.0 <0.14.0", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.13.3.tgz" + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.13.3.tgz", + "optional": true } } } @@ -2899,90 +2872,6 @@ "from": "unpipe@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz" }, - "validate-npm-package-name": { - "version": "2.2.2", - "from": "validate-npm-package-name@>=2.2.2 <2.3.0", - "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-2.2.2.tgz", - "dependencies": { - "builtins": { - "version": "0.0.7", - "from": "builtins@0.0.7", - "resolved": "https://registry.npmjs.org/builtins/-/builtins-0.0.7.tgz" - } - } - }, - "which": { - "version": "1.2.11", - "from": "which@1.2.11", - "resolved": "https://registry.npmjs.org/which/-/which-1.2.11.tgz", - "dependencies": { - "isexe": { - "version": "1.1.2", - "from": "isexe@>=1.1.1 <2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-1.1.2.tgz" - } - } - }, - "wrappy": { - "version": "1.0.2", - "from": "wrappy@latest", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz" - }, - "write-file-atomic": { - "version": "1.2.0", - "from": "write-file-atomic@1.2.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-1.2.0.tgz" - }, - "ansi-regex": { - "version": "2.0.0", - "from": "ansi-regex@2.0.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz" - }, - "debuglog": { - "version": "1.0.1", - "from": "debuglog@1.0.1", - "resolved": "https://registry.npmjs.org/debuglog/-/debuglog-1.0.1.tgz" - }, - "imurmurhash": { - "version": "0.1.4", - "from": "imurmurhash@>=0.1.4 <0.2.0", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz" - }, - "lodash._baseindexof": { - "version": "3.1.0", - "from": "lodash._baseindexof@3.1.0", - "resolved": "https://registry.npmjs.org/lodash._baseindexof/-/lodash._baseindexof-3.1.0.tgz" - }, - "lodash._bindcallback": { - "version": "3.0.1", - "from": "lodash._bindcallback@3.0.1", - "resolved": "https://registry.npmjs.org/lodash._bindcallback/-/lodash._bindcallback-3.0.1.tgz" - }, - "lodash._cacheindexof": { - "version": "3.0.2", - "from": "lodash._cacheindexof@3.0.2", - "resolved": "https://registry.npmjs.org/lodash._cacheindexof/-/lodash._cacheindexof-3.0.2.tgz" - }, - "lodash._createcache": { - "version": "3.1.2", - "from": "lodash._createcache@3.1.2", - "resolved": "https://registry.npmjs.org/lodash._createcache/-/lodash._createcache-3.1.2.tgz" - }, - "lodash._getnative": { - "version": "3.9.1", - "from": "lodash._getnative@3.9.1", - "resolved": "https://registry.npmjs.org/lodash._getnative/-/lodash._getnative-3.9.1.tgz" - }, - "lodash.restparam": { - "version": "3.6.1", - "from": "lodash.restparam@3.6.1", - "resolved": "https://registry.npmjs.org/lodash.restparam/-/lodash.restparam-3.6.1.tgz" - }, - "readdir-scoped-modules": { - "version": "1.0.2", - "from": "readdir-scoped-modules@1.0.2", - "resolved": "https://registry.npmjs.org/readdir-scoped-modules/-/readdir-scoped-modules-1.0.2.tgz" - }, "validate-npm-package-license": { "version": "3.0.1", "from": "validate-npm-package-license@3.0.1", @@ -3017,6 +2906,40 @@ } } } + }, + "validate-npm-package-name": { + "version": "2.2.2", + "from": "validate-npm-package-name@>=2.2.2 <2.3.0", + "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-2.2.2.tgz", + "dependencies": { + "builtins": { + "version": "0.0.7", + "from": "builtins@0.0.7", + "resolved": "https://registry.npmjs.org/builtins/-/builtins-0.0.7.tgz" + } + } + }, + "which": { + "version": "1.2.11", + "from": "which@1.2.11", + "resolved": "https://registry.npmjs.org/which/-/which-1.2.11.tgz", + "dependencies": { + "isexe": { + "version": "1.1.2", + "from": "isexe@>=1.1.1 <2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-1.1.2.tgz" + } + } + }, + "wrappy": { + "version": "1.0.2", + "from": "wrappy@latest", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz" + }, + "write-file-atomic": { + "version": "1.2.0", + "from": "write-file-atomic@1.2.0", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-1.2.0.tgz" } } }, @@ -3066,6 +2989,11 @@ } } }, + "require-package-name": { + "version": "2.0.1", + "from": "require-package-name@latest", + "resolved": "https://registry.npmjs.org/require-package-name/-/require-package-name-2.0.1.tgz" + }, "semver": { "version": "5.1.1", "from": "semver@5.1.1", @@ -3418,6 +3346,11 @@ "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz" } } + }, + "wordwrap": { + "version": "0.0.3", + "from": "wordwrap@>=0.0.2 <0.1.0", + "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz" } } } diff --git a/package.json b/package.json index afa0d0df3..9453d98a9 100644 --- a/package.json +++ b/package.json @@ -72,6 +72,7 @@ "opn": "4.0.2", "parse-author": "1.0.0", "read": "1.0.7", + "require-package-name": "2.0.1", "semver": "5.1.1", "stringformat": "0.0.5", "targz": "1.0.1", diff --git a/src/cli/domain/package-server-script.js b/src/cli/domain/package-server-script.js index f7e424679..2503415eb 100644 --- a/src/cli/domain/package-server-script.js +++ b/src/cli/domain/package-server-script.js @@ -7,6 +7,7 @@ var path = require('path'); var uglifyJs = require('uglify-js'); var falafel = require('falafel'); var _ = require('underscore'); +var requirePackageName = require('require-package-name'); var config = require('../../resources/settings'); var hashBuilder = require('../../utils/hash-builder'); @@ -75,7 +76,8 @@ var getLocalDependencies = function(componentPath, serverContent, fileName){ if(isLocalFile(required)) { requires.files[required] = getRequiredContent(componentPath, required); } else { - requires.modules.push(required); + var packageName = requirePackageName(required); + requires.modules.push(packageName); } }); diff --git a/src/registry/domain/dependencies-resolver.js b/src/registry/domain/dependencies-resolver.js deleted file mode 100644 index 29b1bc04c..000000000 --- a/src/registry/domain/dependencies-resolver.js +++ /dev/null @@ -1,41 +0,0 @@ -'use strict'; - -var colors = require('colors'); -var fs = require('fs-extra'); -var path = require('path'); -var _ = require('underscore'); - -var strings = require('../../resources'); - -module.exports = function(options){ - var logger = !!options.verbosity ? console : { log: _.noop }, - depObj = {}; - - logger.log(strings.messages.registry.RESOLVING_DEPENDENCIES.yellow); - - _.forEach(options.dependencies, function(dependency){ - var dependencyName = dependency, - ix = dependency.indexOf('@'); - if (ix > 0) { - dependencyName = dependency.substr(0, ix); - } - var dependenciesBasePath = path.resolve('.', 'node_modules'), - dependencyPath = path.resolve(dependenciesBasePath, dependencyName), - packagePath = path.resolve(dependencyPath, 'package.json'); - - if(!fs.existsSync(packagePath)){ - logger.log((dependency + ' => ').yellow + strings.errors.registry.GENERIC_NOT_FOUND.red); - throw strings.errors.registry.CONFIGURATION_A_DEPENDENCY_NOT_FOUND; - } else { - try { - depObj[dependency] = require(dependencyPath); - logger.log('├── '.green + dependencyName + '@' + fs.readJsonSync(packagePath).version); - } catch(e){ - logger.log((dependency + ' => ').yellow + strings.errors.registry.GENERIC_ERROR.red); - throw e; - } - } - }); - - return depObj; -}; diff --git a/src/registry/domain/options-sanitiser.js b/src/registry/domain/options-sanitiser.js index 47b4cf721..86533734c 100644 --- a/src/registry/domain/options-sanitiser.js +++ b/src/registry/domain/options-sanitiser.js @@ -3,7 +3,6 @@ var express = require('express'); var _ = require('underscore'); -var dependenciesResolver = require('./dependencies-resolver'); var settings = require('../../resources/settings'); var auth = require('./authentication'); @@ -30,10 +29,6 @@ module.exports = function(input){ options.tempDir = settings.registry.defaultTempPath; } - if(!!options.dependencies){ - options.dependencies = dependenciesResolver(options); - } - if(!_.isBoolean(options.hotReloading)){ options.hotReloading = !!options.local; } diff --git a/src/registry/domain/require-wrapper.js b/src/registry/domain/require-wrapper.js index a95a9caea..684ded9db 100644 --- a/src/registry/domain/require-wrapper.js +++ b/src/registry/domain/require-wrapper.js @@ -1,18 +1,33 @@ 'use strict'; +var path = require('path'); +var fs = require('fs-extra'); var _ = require('underscore'); +var requirePackageName = require('require-package-name'); var strings = require('../../resources'); module.exports = function(injectedDependencies){ - return function(moduleName){ - if(!!injectedDependencies && _.has(injectedDependencies, moduleName)){ - return injectedDependencies[moduleName]; - } else { + return function(requirePath){ + var moduleName = requirePackageName(requirePath); + + if(!_.contains(injectedDependencies, moduleName)){ throw { code: strings.errors.registry.DEPENDENCY_NOT_FOUND_CODE, missing: [moduleName] - }; + }; + } + + var nodeModulesPath = path.resolve('.', 'node_modules'); + var modulePath = path.resolve(nodeModulesPath, requirePath); + + try { + return require(modulePath); + } catch (e) { + throw { + code: strings.errors.registry.DEPENDENCY_NOT_FOUND_CODE, + missing: [modulePath] + }; } }; -}; \ No newline at end of file +}; diff --git a/src/resources/index.js b/src/resources/index.js index b3b8dd917..c0a5f8ffe 100644 --- a/src/resources/index.js +++ b/src/resources/index.js @@ -27,7 +27,6 @@ module.exports = { COMPONENT_VERSION_NOT_VALID: 'Version "{0}" is not a valid semantic version.', COMPONENT_VERSION_NOT_VALID_CODE: 'version_not_valid', CONFIGURATION_DEPENDENCIES_MUST_BE_ARRAY: 'Registry configuration is not valid: dependencies must be an array', - CONFIGURATION_A_DEPENDENCY_NOT_FOUND: 'Registry configuration is not valid: a dependency is not valid.', CONFIGURATION_EMPTY: 'Registry configuration is empty', CONFIGURATION_ONREQUEST_MUST_BE_FUNCTION: 'Registry configuration is not valid: registry.on\'s callback must be a function', CONFIGURATION_PUBLISH_BASIC_AUTH_CREDENTIALS_MISSING: 'Registry configuration is not valid: basic auth requires username and password', @@ -44,7 +43,6 @@ module.exports = { LOCAL_PUBLISH_NOT_ALLOWED: 'Components can\'t be published to local repository', LOCAL_PUBLISH_NOT_ALLOWED_CODE: 'not_allowed', GENERIC_ERROR: 'error!', - GENERIC_NOT_FOUND: 'not found!', MANDATORY_PARAMETER_MISSING: 'Expected mandatory parameters are missing: {0}', MANDATORY_PARAMETER_MISSING_CODE: 'missing', NESTED_RENDERER_CALLBACK_IS_NOT_VALID: 'callback is not valid', @@ -120,9 +118,6 @@ module.exports = { REGISTRY_STARTING: 'Starting dev registry on {0} ...', RETRYING_10_SECONDS: 'Retrying in 10 seconds...', SCANNING_COMPONENTS: 'Looking for components...' - }, - registry: { - RESOLVING_DEPENDENCIES: 'Resolving dependencies...' } } }; diff --git a/test/unit/cli-domain-package-server-script.js b/test/unit/cli-domain-package-server-script.js index a9cf6670a..2193464be 100644 --- a/test/unit/cli-domain-package-server-script.js +++ b/test/unit/cli-domain-package-server-script.js @@ -127,7 +127,7 @@ describe('cli : domain : package-server-script', function(){ }); }); - describe('when component requires a module', function(){ + describe('when component requires an npm module', function(){ var error, serverjs = 'var data=require(\'request\');module.exports.data=function(context,cb){return cb(null,data); };'; @@ -155,6 +155,34 @@ describe('cli : domain : package-server-script', function(){ }); }); + describe('when component requires a relative path from an npm module', function(){ + + var error, + serverjs = 'var data=require(\'react-dom/server\');module.exports.data=function(context,cb){return cb(null,data); };'; + + beforeEach(function(done){ + + initialise({ readFileSync: sinon.stub().returns(serverjs) }); + + packageServerScript({ + componentPath: '/path/to/component/', + ocOptions: { + files: { + data: 'server.js' + } + }, + publishPath: '/path/to/component/_package/' + }, function(e, r){ + error = e; + done(); + }); + }); + + it('should throw an error when the dependency is not present in the package.json', function(){ + expect(error.toString()).to.equal('Error: Missing dependencies from package.json => ["react-dom"]'); + }); + }); + describe('when component requires a js file', function(){ var serverjs = 'var data=require(\'./hi.js\');module.exports.data=function(context,cb){return cb(null,data); };', diff --git a/test/unit/registry-domain-require-wrapper.js b/test/unit/registry-domain-require-wrapper.js index 98a177778..ffd82865c 100644 --- a/test/unit/registry-domain-require-wrapper.js +++ b/test/unit/registry-domain-require-wrapper.js @@ -9,16 +9,31 @@ describe('registry : domain : require-wrapper', function(){ describe('when using the require wrapper in a clear context', function(){ - describe('when injecting a dependency', function(){ - - var dependencies = { - 'some-module': { - someFunction: function(name){ - return 'hello ' + name; - } - } + describe('when requiring a dependency', function(){ + + var dependencies = [ + 'underscore' + ]; + + var context = { + require: new RequireWrapper(dependencies), + result: null }; + var script = 'var _ = require(\'underscore\');\n' + + 'result = _.first([5, 4, 3, 2, 1]);'; + + vm.runInNewContext(script, context); + + it('should correctly make the dependency require-able', function(){ + expect(context.result).to.eql(5); + }); + }); + + describe('when requiring an unrecognised dependency', function(){ + + var dependencies = []; + var context = { require: new RequireWrapper(dependencies), result: null @@ -27,24 +42,50 @@ describe('registry : domain : require-wrapper', function(){ var script = 'var someModule = require(\'some-module\');\n' + 'result = someModule.someFunction(\'John Doe\');'; + it('should correctly throw an error', function(){ + expect(function(){ + return vm.runInNewContext(script, context); + }).to.throw({ + code: 'DEPENDENCY_MISSING_FROM_REGISTRY', + missing: ['someModule'] + }); + }); + }); + + describe('when requiring a dependency with a relative path', function(){ + + var dependencies = [ + 'underscore' + ]; + + var context = { + require: new RequireWrapper(dependencies), + result: null + }; + + var script = 'var _ = require(\'underscore/underscore\');\n' + + 'result = _.first([5, 4, 3, 2, 1]);'; + vm.runInNewContext(script, context); it('should correctly make the dependency require-able', function(){ - expect(context.result).to.eql('hello John Doe'); + expect(context.result).to.eql(5); }); }); - describe('when requiring un-injected dependency', function(){ + describe('when requiring a dependency with a relative path that does not exist', function(){ - var dependencies = {}; + var dependencies = [ + 'underscore' + ]; var context = { require: new RequireWrapper(dependencies), result: null }; - var script = 'var someModule = require(\'some-module\');\n' + - 'result = someModule.someFunction(\'John Doe\');'; + var script = 'var _ = require(\'underscore/foo\');\n' + + 'result = _.first([5, 4, 3, 2, 1]);'; it('should correctly throw an error', function(){ expect(function(){ diff --git a/test/unit/registry-routes-component.js b/test/unit/registry-routes-component.js index a26b63fe3..f19d643f5 100644 --- a/test/unit/registry-routes-component.js +++ b/test/unit/registry-routes-component.js @@ -356,9 +356,9 @@ describe('registry : routes : component', function(){ local: true, //needed to invalidate the cache baseUrl: 'http://components.com/', plugins: {}, - dependencies: { - underscore: require('underscore') - } + dependencies: [ + 'underscore' + ] }, json: resJsonStub });