diff options
| author | Kat Marchán <kzm@zkat.tech> | 2018-08-16 00:00:58 +0300 |
|---|---|---|
| committer | Kat Marchán <kzm@zkat.tech> | 2018-12-11 01:55:24 +0300 |
| commit | 1c769c9b3e431d324c1a5b6dd10e1fddb5cb88c7 (patch) | |
| tree | 80a1b262be21712d549133beba9c5c19ad15d55c /node_modules | |
| parent | 9cefcdc1d2289b56f9164d14d7e499e115cfeaee (diff) | |
pacote@9.1.0
Diffstat (limited to 'node_modules')
54 files changed, 3782 insertions, 207 deletions
diff --git a/node_modules/libcipm/node_modules/pacote/CHANGELOG.md b/node_modules/libcipm/node_modules/pacote/CHANGELOG.md new file mode 100644 index 000000000..703f566c4 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/CHANGELOG.md @@ -0,0 +1,1177 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="8.1.6"></a> +## [8.1.6](https://github.com/zkat/pacote/compare/v8.1.5...v8.1.6) (2018-05-24) + + + +<a name="8.1.5"></a> +## [8.1.5](https://github.com/zkat/pacote/compare/v8.1.4...v8.1.5) (2018-05-22) + + + +<a name="8.1.4"></a> +## [8.1.4](https://github.com/zkat/pacote/compare/v8.1.3...v8.1.4) (2018-05-22) + + + +<a name="8.1.3"></a> +## [8.1.3](https://github.com/zkat/pacote/compare/v8.1.2...v8.1.3) (2018-05-20) + + +### Bug Fixes + +* **deps:** try reverting tar ([574ecff](https://github.com/zkat/pacote/commit/574ecff)) +* **extract-stream:** address "write after end" issue ([#151](https://github.com/zkat/pacote/issues/151)) ([50ed408](https://github.com/zkat/pacote/commit/50ed408)), closes [#142](https://github.com/zkat/pacote/issues/142) + + + +<a name="8.1.2"></a> +## [8.1.2](https://github.com/zkat/pacote/compare/v8.1.1...v8.1.2) (2018-05-16) + + +### Bug Fixes + +* **extract-stream:** nudge things to stop write-after-end heisenbug, hopefully ([a398715](https://github.com/zkat/pacote/commit/a398715)) + + + +<a name="8.1.1"></a> +## [8.1.1](https://github.com/zkat/pacote/compare/v8.1.0...v8.1.1) (2018-04-24) + + +### Bug Fixes + +* **tarball:** Remove promise handler error ([#148](https://github.com/zkat/pacote/issues/148)) ([47da3f6](https://github.com/zkat/pacote/commit/47da3f6)), closes [#145](https://github.com/zkat/pacote/issues/145) + + + +<a name="8.1.0"></a> +# [8.1.0](https://github.com/zkat/pacote/compare/v8.0.0...v8.1.0) (2018-04-18) + + +### Bug Fixes + +* **git:** workaround for mississippi.finished intermitent failures ([#144](https://github.com/zkat/pacote/issues/144)) ([788fd13](https://github.com/zkat/pacote/commit/788fd13)), closes [#143](https://github.com/zkat/pacote/issues/143) + + +### Features + +* **tarball:** calculate shasum when missing, not just integrity ([#149](https://github.com/zkat/pacote/issues/149)) ([ccc6e90](https://github.com/zkat/pacote/commit/ccc6e90)) + + + +<a name="8.0.0"></a> +# [8.0.0](https://github.com/zkat/pacote/compare/v7.6.1...v8.0.0) (2018-04-12) + + +### Bug Fixes + +* **git:** make full clones do a full mirror ([85b269b](https://github.com/zkat/pacote/commit/85b269b)) + + +### deps + +* bump deps ([6737bf6](https://github.com/zkat/pacote/commit/6737bf6)) + + +### meta + +* drop support for node@4 ([11478ff](https://github.com/zkat/pacote/commit/11478ff)) + + +### BREAKING CHANGES + +* some dependencies were upgraded to versions that do not +support node@4. +* node@4 is no longer supported + + + +<a name="7.6.1"></a> +## [7.6.1](https://github.com/zkat/pacote/compare/v7.6.0...v7.6.1) (2018-03-08) + + +### Bug Fixes + +* **standard:** update to new standard rules ([bb52d02](https://github.com/zkat/pacote/commit/bb52d02)) + + + +<a name="7.6.0"></a> +# [7.6.0](https://github.com/zkat/pacote/compare/v7.5.3...v7.6.0) (2018-03-08) + + +### Features + +* **git:** added retry logic for all git operations. ([#136](https://github.com/zkat/pacote/issues/136)) ([425c58d](https://github.com/zkat/pacote/commit/425c58d)) + + + +<a name="7.5.3"></a> +## [7.5.3](https://github.com/zkat/pacote/compare/v7.5.2...v7.5.3) (2018-03-02) + + +### Bug Fixes + +* **tarball:** stop dropping stream errors on the floor ([3db03c2](https://github.com/zkat/pacote/commit/3db03c2)) + + + +<a name="7.5.2"></a> +## [7.5.2](https://github.com/zkat/pacote/compare/v7.5.1...v7.5.2) (2018-03-02) + + +### Bug Fixes + +* **console:** remove spurious debugging console.log :< ([5b8b509](https://github.com/zkat/pacote/commit/5b8b509)) + + + +<a name="7.5.1"></a> +## [7.5.1](https://github.com/zkat/pacote/compare/v7.5.0...v7.5.1) (2018-03-01) + + +### Bug Fixes + +* **tarball:** catch errors thrown from stream handler ([bdd6628](https://github.com/zkat/pacote/commit/bdd6628)) + + + +<a name="7.5.0"></a> +# [7.5.0](https://github.com/zkat/pacote/compare/v7.4.2...v7.5.0) (2018-03-01) + + +### Features + +* **logging:** let users know when file: resolved packages fail integrity check ([0fb8037](https://github.com/zkat/pacote/commit/0fb8037)) + + + +<a name="7.4.2"></a> +## [7.4.2](https://github.com/zkat/pacote/compare/v7.4.1...v7.4.2) (2018-02-23) + + +### Bug Fixes + +* **deps:** move mkdirp and rimraf to dependencies ([#140](https://github.com/zkat/pacote/issues/140)) ([bba20c8](https://github.com/zkat/pacote/commit/bba20c8)), closes [#128](https://github.com/zkat/pacote/issues/128) + + + +<a name="7.4.1"></a> +## [7.4.1](https://github.com/zkat/pacote/compare/v7.4.0...v7.4.1) (2018-02-23) + + +### Bug Fixes + +* **tarball:** fix spurious errors from tarball.stream() ([0286ba5](https://github.com/zkat/pacote/commit/0286ba5)) + + + +<a name="7.4.0"></a> +# [7.4.0](https://github.com/zkat/pacote/compare/v7.3.3...v7.4.0) (2018-02-17) + + +### Features + +* **tarball:** support file: opts.resolved shortcut ([a6cf279](https://github.com/zkat/pacote/commit/a6cf279)) + + + +<a name="7.3.3"></a> +## [7.3.3](https://github.com/zkat/pacote/compare/v7.3.2...v7.3.3) (2018-02-15) + + +### Bug Fixes + +* **tarball:** another attempt at fixing opts.resolved ([aff3b6a](https://github.com/zkat/pacote/commit/aff3b6a)) + + + +<a name="7.3.2"></a> +## [7.3.2](https://github.com/zkat/pacote/compare/v7.3.1...v7.3.2) (2018-02-15) + + +### Bug Fixes + +* **tarball:** opts.resolved impl was triggering extra registry lookups ([0a4729d](https://github.com/zkat/pacote/commit/0a4729d)) + + + +<a name="7.3.1"></a> +## [7.3.1](https://github.com/zkat/pacote/compare/v7.3.0...v7.3.1) (2018-02-14) + + +### Bug Fixes + +* **tarball:** stop using mississippi.pipe() in tarball.js and extract.js ([f5c1da9](https://github.com/zkat/pacote/commit/f5c1da9)) + + + +<a name="7.3.0"></a> +# [7.3.0](https://github.com/zkat/pacote/compare/v7.2.0...v7.3.0) (2018-02-07) + + +### Bug Fixes + +* **git:** fix resolution of prerelease versions ([#130](https://github.com/zkat/pacote/issues/130)) ([83be46b](https://github.com/zkat/pacote/commit/83be46b)), closes [#129](https://github.com/zkat/pacote/issues/129) + + +### Features + +* **extract:** append _resolved and _integrity automatically ([#134](https://github.com/zkat/pacote/issues/134)) ([6886b65](https://github.com/zkat/pacote/commit/6886b65)) + + + +<a name="7.2.0"></a> +# [7.2.0](https://github.com/zkat/pacote/compare/v7.1.1...v7.2.0) (2018-01-19) + + +### Features + +* **resolved:** tarball shortcut when opts.resolved is provided ([46a2f58](https://github.com/zkat/pacote/commit/46a2f58)) + + + +<a name="7.1.1"></a> +## [7.1.1](https://github.com/zkat/pacote/compare/v7.1.0...v7.1.1) (2018-01-08) + + +### Bug Fixes + +* **publish:** a spurious file was included in the previous release ([296741a](https://github.com/zkat/pacote/commit/296741a)) + + + +<a name="7.1.0"></a> +# [7.1.0](https://github.com/zkat/pacote/compare/v7.0.2...v7.1.0) (2018-01-07) + + +### Bug Fixes + +* **security:** deep-update debug due to vulnerabilities ([ff16da7](https://github.com/zkat/pacote/commit/ff16da7)) + + +### Features + +* **resolved:** add opts.resolved for cache stuff ([#131](https://github.com/zkat/pacote/issues/131)) ([149a4b5](https://github.com/zkat/pacote/commit/149a4b5)) + + + +<a name="7.0.2"></a> +## [7.0.2](https://github.com/zkat/pacote/compare/v7.0.1...v7.0.2) (2017-11-28) + + +### Bug Fixes + +* **git:** only resolvedRefs can be shallow-cloned ([899720f](https://github.com/zkat/pacote/commit/899720f)) + + + +<a name="7.0.1"></a> +## [7.0.1](https://github.com/zkat/pacote/compare/v7.0.0...v7.0.1) (2017-11-15) + + +### Bug Fixes + +* **git:** use resolved ref if available when doing a full clone (#125) ([46ca45a](https://github.com/zkat/pacote/commit/46ca45a)), closes [#125](https://github.com/zkat/pacote/issues/125) +* **move:** bump cacache for some cross-platform move fixes ([eebdcda](https://github.com/zkat/pacote/commit/eebdcda)) +* **test:** missed a spot converting tests to promises ([c43caed](https://github.com/zkat/pacote/commit/c43caed)) + + + +<a name="7.0.0"></a> +# [7.0.0](https://github.com/zkat/pacote/compare/v6.1.0...v7.0.0) (2017-11-15) + + +### Bug Fixes + +* **docs:** You totally should use pacote now (#126) ([d49a9b5](https://github.com/zkat/pacote/commit/d49a9b5)) +* **git:** stop generating integrity for git ([d45363b](https://github.com/zkat/pacote/commit/d45363b)) +* **integrity:** stop defaulting to sha1 hashes ([62f8cdf](https://github.com/zkat/pacote/commit/62f8cdf)) +* **license:** relicense to MIT for OSI-compat ([ba6b3e0](https://github.com/zkat/pacote/commit/ba6b3e0)) + + +### Features + +* **tarball:** add externall pacote.tarball() api ([e30bd49](https://github.com/zkat/pacote/commit/e30bd49)) + + +### prefetch + +* deprecate pacote.prefetch ([e47e521](https://github.com/zkat/pacote/commit/e47e521)) + + +### BREAKING CHANGES + +* **license:** The license has changed from CC0-1.0 to MIT, which is less permissive and also OSI-approved. +* pacote.prefetch is deprecated in favor of pacote.tarball + + + +<a name="6.1.0"></a> +# [6.1.0](https://github.com/zkat/pacote/compare/v6.0.4...v6.1.0) (2017-10-19) + + +### Bug Fixes + +* **git:** use actual default git branch instead of assuming master (#122) ([79ce949](https://github.com/zkat/pacote/commit/79ce949)) +* **npa:** ensure spec is a valid npa instance ([1757b2b](https://github.com/zkat/pacote/commit/1757b2b)) + + +### Features + +* **selection:** add opts.includeDeprecated (#123) ([2001549](https://github.com/zkat/pacote/commit/2001549)) + + + +<a name="6.0.4"></a> +## [6.0.4](https://github.com/zkat/pacote/compare/v6.0.3...v6.0.4) (2017-10-05) + + +### Bug Fixes + +* **file:** include integrity hash for streamed tarballs too ([030cee7](https://github.com/zkat/pacote/commit/030cee7)) + + + +<a name="6.0.3"></a> +## [6.0.3](https://github.com/zkat/pacote/compare/v6.0.2...v6.0.3) (2017-10-05) + + +### Bug Fixes + +* **extract:** clean up mode/fmode/dmode tests ([f915045](https://github.com/zkat/pacote/commit/f915045)) +* **file:** make sure file tarballs are written to cache and have integrity data ([dae391a](https://github.com/zkat/pacote/commit/dae391a)) +* **git:** version resolution regression from #115 (#119) ([9a68205](https://github.com/zkat/pacote/commit/9a68205)) + + + +<a name="6.0.2"></a> +## [6.0.2](https://github.com/zkat/pacote/compare/v6.0.1...v6.0.2) (2017-09-06) + + +### Bug Fixes + +* **extract:** preserve executable perms on extracted files ([19b3dfd](https://github.com/zkat/pacote/commit/19b3dfd)) + + +### Performance Improvements + +* replace some calls to .match() with .starts/endsWith() (#115) ([192a02f](https://github.com/zkat/pacote/commit/192a02f)) + + + +<a name="6.0.1"></a> +## [6.0.1](https://github.com/zkat/pacote/compare/v6.0.0...v6.0.1) (2017-08-22) + + +### Bug Fixes + +* **finalize:** insist on getting a package.json ([f72ee91](https://github.com/zkat/pacote/commit/f72ee91)) + + + +<a name="6.0.0"></a> +# [6.0.0](https://github.com/zkat/pacote/compare/v5.0.1...v6.0.0) (2017-08-19) + + +### Bug Fixes + +* **tar:** bring back the .gitignore -> .npmignore logic (#113) ([0dd518e](https://github.com/zkat/pacote/commit/0dd518e)) + + +### BREAKING CHANGES + +* **tar:** this reverts a previous change to disable this feature. + + + +<a name="5.0.1"></a> +## [5.0.1](https://github.com/zkat/pacote/compare/v5.0.0...v5.0.1) (2017-08-17) + + +### Bug Fixes + +* **tar:** chown directories on extract as well ([2fa4598](https://github.com/zkat/pacote/commit/2fa4598)) + + + +<a name="5.0.0"></a> +# [5.0.0](https://github.com/zkat/pacote/compare/v4.0.0...v5.0.0) (2017-08-16) + + +### Bug Fixes + +* **registry:** Pass maxSockets options down (#110) ([3f05b79](https://github.com/zkat/pacote/commit/3f05b79)) + + +### Features + +* **deps:** replace tar-fs/tar-stream with tar[@3](https://github.com/3) ([28c80a9](https://github.com/zkat/pacote/commit/28c80a9)) +* **tar:** switch to tarv3 ([53899c7](https://github.com/zkat/pacote/commit/53899c7)) + + +### BREAKING CHANGES + +* **tar:** this changes the underlying tar library, and thus may introduce some subtle low-level incompatibility. Also: + +* The tarball packer built into pacote works much closer to how the one npm injects does. +* Special characters on Windows will now be escaped the way tar(1) usually does: by replacing them with the `0xf000` masked character on the way out. +* Directories won't be chowned. + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/zkat/pacote/compare/v3.0.0...v4.0.0) (2017-06-29) + + +### Bug Fixes + +* **extract:** revert uid/gid change ([41852e0](https://github.com/zkat/pacote/commit/41852e0)) + + +### BREAKING CHANGES + +* **extract:** behavior for setting uid/gid on extracted contents was restored to what it was in pacote@2 + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/zkat/pacote/compare/v2.7.38...v3.0.0) (2017-06-29) + + +### Bug Fixes + +* **extract:** always extract as current user gid/uid ([6fc01a5](https://github.com/zkat/pacote/commit/6fc01a5)) + + +### BREAKING CHANGES + +* **extract:** pacote will no longer set ownership of extracted +contents -- uid/gid will *only* be used for the cache and other internal +details. + + + +<a name="2.7.38"></a> +## [2.7.38](https://github.com/zkat/pacote/compare/v2.7.37...v2.7.38) (2017-06-29) + + +### Bug Fixes + +* **manifest:** bump npm-pick-manifest for loose semver fix ([b3d45ef](https://github.com/zkat/pacote/commit/b3d45ef)) + + + +<a name="2.7.37"></a> +## [2.7.37](https://github.com/zkat/pacote/compare/v2.7.36...v2.7.37) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump deps for fixes ([f156655](https://github.com/zkat/pacote/commit/f156655)) + + + +<a name="2.7.36"></a> +## [2.7.36](https://github.com/zkat/pacote/compare/v2.7.35...v2.7.36) (2017-06-10) + + +### Bug Fixes + +* **deps:** update tar-fs with the special characters patch (#102) ([ed43aa3](https://github.com/zkat/pacote/commit/ed43aa3)) + + + +<a name="2.7.35"></a> +## [2.7.35](https://github.com/zkat/pacote/compare/v2.7.34...v2.7.35) (2017-06-09) + + +### Bug Fixes + +* **registry:** only print one 199 warning (#100) ([b395138](https://github.com/zkat/pacote/commit/b395138)) + + + +<a name="2.7.34"></a> +## [2.7.34](https://github.com/zkat/pacote/compare/v2.7.33...v2.7.34) (2017-06-09) + + +### Bug Fixes + +* **git:** whitelist specific shallow-cloneable hosts ([b210cc8](https://github.com/zkat/pacote/commit/b210cc8)) + + + +<a name="2.7.33"></a> +## [2.7.33](https://github.com/zkat/pacote/compare/v2.7.32...v2.7.33) (2017-06-08) + + +### Bug Fixes + +* **git:** better error reporting when ls-remote fails ([10aae8f](https://github.com/zkat/pacote/commit/10aae8f)) + + + +<a name="2.7.32"></a> +## [2.7.32](https://github.com/zkat/pacote/compare/v2.7.31...v2.7.32) (2017-06-07) + + +### Bug Fixes + +* **registry:** print both 111 and 199 warnings ([2f8c201](https://github.com/zkat/pacote/commit/2f8c201)) + + + +<a name="2.7.31"></a> +## [2.7.31](https://github.com/zkat/pacote/compare/v2.7.30...v2.7.31) (2017-06-06) + + +### Bug Fixes + +* **extract:** always return a bluebird promise ([06ca91d](https://github.com/zkat/pacote/commit/06ca91d)) +* **registry:** bump make-fetch-happen for local cache header issue fix ([868615c](https://github.com/zkat/pacote/commit/868615c)) + + + +<a name="2.7.30"></a> +## [2.7.30](https://github.com/zkat/pacote/compare/v2.7.29...v2.7.30) (2017-06-05) + + +### Bug Fixes + +* **ssri:** bump ssri for bugfix ([70a859c](https://github.com/zkat/pacote/commit/70a859c)) + + + +<a name="2.7.29"></a> +## [2.7.29](https://github.com/zkat/pacote/compare/v2.7.28...v2.7.29) (2017-06-05) + + +### Bug Fixes + +* **registry:** use cert instead of certfile opt ([a45880d](https://github.com/zkat/pacote/commit/a45880d)) + + + +<a name="2.7.28"></a> +## [2.7.28](https://github.com/zkat/pacote/compare/v2.7.27...v2.7.28) (2017-06-05) + + +### Bug Fixes + +* **git:** limit ls-remote output to heads/tags (#97) ([c1e3dcd](https://github.com/zkat/pacote/commit/c1e3dcd)) +* **proxy:** send certificate authority, key and other options (#95) ([c4b6128](https://github.com/zkat/pacote/commit/c4b6128)) +* **registry:** add support for global auth and _auth token (#96) ([7919fb7](https://github.com/zkat/pacote/commit/7919fb7)) +* **registry:** emit npm-session header (#98) ([9816b18](https://github.com/zkat/pacote/commit/9816b18)) + + + +<a name="2.7.27"></a> +## [2.7.27](https://github.com/zkat/pacote/compare/v2.7.26...v2.7.27) (2017-06-01) + + +### Bug Fixes + +* **git:** fix semver range detection. oops ([76d9233](https://github.com/zkat/pacote/commit/76d9233)) + + + +<a name="2.7.26"></a> +## [2.7.26](https://github.com/zkat/pacote/compare/v2.7.25...v2.7.26) (2017-06-01) + + +### Bug Fixes + +* **git:** hash was not being replaced/appended correctly ([6fcbed5](https://github.com/zkat/pacote/commit/6fcbed5)) + + + +<a name="2.7.25"></a> +## [2.7.25](https://github.com/zkat/pacote/compare/v2.7.24...v2.7.25) (2017-05-31) + + +### Bug Fixes + +* **git:** git deps were getting _resolved without shasums ([96f0675](https://github.com/zkat/pacote/commit/96f0675)) + + + +<a name="2.7.24"></a> +## [2.7.24](https://github.com/zkat/pacote/compare/v2.7.23...v2.7.24) (2017-05-31) + + +### Bug Fixes + +* **deps:** update dep versions with new patches ([dc2e4ff](https://github.com/zkat/pacote/commit/dc2e4ff)) + + + +<a name="2.7.23"></a> +## [2.7.23](https://github.com/zkat/pacote/compare/v2.7.22...v2.7.23) (2017-05-31) + + +### Bug Fixes + +* **git:** fix ls-remote command and throw away ^{} junk ([62ba84d](https://github.com/zkat/pacote/commit/62ba84d)) +* **git:** use the parsed git committish from npa ([77a676a](https://github.com/zkat/pacote/commit/77a676a)) + + + +<a name="2.7.22"></a> +## [2.7.22](https://github.com/zkat/pacote/compare/v2.7.21...v2.7.22) (2017-05-31) + + +### Bug Fixes + +* **git:** accept shortened git hashes (#91) ([4466388](https://github.com/zkat/pacote/commit/4466388)) + + + +<a name="2.7.21"></a> +## [2.7.21](https://github.com/zkat/pacote/compare/v2.7.20...v2.7.21) (2017-05-25) + + +### Bug Fixes + +* **registry:** stop URIEncoding username/password ([011c9a2](https://github.com/zkat/pacote/commit/011c9a2)) + + + +<a name="2.7.20"></a> +## [2.7.20](https://github.com/zkat/pacote/compare/v2.7.19...v2.7.20) (2017-05-25) + + +### Bug Fixes + +* **registry:** encode username and password for auth ([c48b651](https://github.com/zkat/pacote/commit/c48b651)) + + + +<a name="2.7.19"></a> +## [2.7.19](https://github.com/zkat/pacote/compare/v2.7.18...v2.7.19) (2017-05-25) + + +### Bug Fixes + +* **registry:** respect alwaysAuth ([150788a](https://github.com/zkat/pacote/commit/150788a)) + + + +<a name="2.7.18"></a> +## [2.7.18](https://github.com/zkat/pacote/compare/v2.7.17...v2.7.18) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid settings through to mfh ([d8845df](https://github.com/zkat/pacote/commit/d8845df)) +* **deps:** update m-f-h for cache opts fix ([faab6cd](https://github.com/zkat/pacote/commit/faab6cd)) + + + +<a name="2.7.17"></a> +## [2.7.17](https://github.com/zkat/pacote/compare/v2.7.16...v2.7.17) (2017-05-25) + + +### Bug Fixes + +* **deps:** bump cacache ([34bd656](https://github.com/zkat/pacote/commit/34bd656)) + + + +<a name="2.7.16"></a> +## [2.7.16](https://github.com/zkat/pacote/compare/v2.7.15...v2.7.16) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([4354703](https://github.com/zkat/pacote/commit/4354703)) + + + +<a name="2.7.15"></a> +## [2.7.15](https://github.com/zkat/pacote/compare/v2.7.14...v2.7.15) (2017-05-24) + + +### Bug Fixes + +* **proxy:** bump m-f-h with more patches ([26d4170](https://github.com/zkat/pacote/commit/26d4170)) + + + +<a name="2.7.14"></a> +## [2.7.14](https://github.com/zkat/pacote/compare/v2.7.13...v2.7.14) (2017-05-24) + + +### Bug Fixes + +* **proxy:** pull in new m-f-h with fixed http proxies ([d6a14e0](https://github.com/zkat/pacote/commit/d6a14e0)) + + + +<a name="2.7.13"></a> +## [2.7.13](https://github.com/zkat/pacote/compare/v2.7.12...v2.7.13) (2017-05-23) + + +### Bug Fixes + +* **deps:** bump dep versions to fix http redirect issues ([b23a9fa](https://github.com/zkat/pacote/commit/b23a9fa)) + + + +<a name="2.7.12"></a> +## [2.7.12](https://github.com/zkat/pacote/compare/v2.7.11...v2.7.12) (2017-05-16) + + +### Bug Fixes + +* **fetch:** fix default userAgent ([4b9d344](https://github.com/zkat/pacote/commit/4b9d344)) +* **registry:** log failed requests too ([0f23f06](https://github.com/zkat/pacote/commit/0f23f06)) +* **remote:** send a useful pkg id header for remote tarballs ([ac13356](https://github.com/zkat/pacote/commit/ac13356)) + + + +<a name="2.7.11"></a> +## [2.7.11](https://github.com/zkat/pacote/compare/v2.7.10...v2.7.11) (2017-05-12) + + +### Bug Fixes + +* **fetch:** make it play nicer with bundlers ([67cd713](https://github.com/zkat/pacote/commit/67cd713)) + + + +<a name="2.7.10"></a> +## [2.7.10](https://github.com/zkat/pacote/compare/v2.7.9...v2.7.10) (2017-05-12) + + +### Bug Fixes + +* **logging:** shhhhhhh ([e7ea56e](https://github.com/zkat/pacote/commit/e7ea56e)) +* **manifest:** _resolved is the only main field we do not overwrite ([4c12421](https://github.com/zkat/pacote/commit/4c12421)) + + + +<a name="2.7.9"></a> +## [2.7.9](https://github.com/zkat/pacote/compare/v2.7.8...v2.7.9) (2017-05-09) + + +### Bug Fixes + +* **git:** Resolve to ref git specs w/o committishes (#88) ([cb885f5](https://github.com/zkat/pacote/commit/cb885f5)), closes [#88](https://github.com/zkat/pacote/issues/88) + + + +<a name="2.7.8"></a> +## [2.7.8](https://github.com/zkat/pacote/compare/v2.7.7...v2.7.8) (2017-05-07) + + +### Bug Fixes + +* **git:** integrity hash was not always emitted ([97ed9e1](https://github.com/zkat/pacote/commit/97ed9e1)) + + + +<a name="2.7.7"></a> +## [2.7.7](https://github.com/zkat/pacote/compare/v2.7.6...v2.7.7) (2017-05-06) + + +### Bug Fixes + +* **auth:** redirects no longer send auth to different host ([82e78c5](https://github.com/zkat/pacote/commit/82e78c5)) + + + +<a name="2.7.6"></a> +## [2.7.6](https://github.com/zkat/pacote/compare/v2.7.5...v2.7.6) (2017-05-05) + + +### Bug Fixes + +* **git:** only use longpaths on win32 because old gits ([32846fc](https://github.com/zkat/pacote/commit/32846fc)) + + + +<a name="2.7.5"></a> +## [2.7.5](https://github.com/zkat/pacote/compare/v2.7.4...v2.7.5) (2017-05-04) + + +### Bug Fixes + +* **registry-key:** Use pathname instead of path in registryKey (#85) ([5339831](https://github.com/zkat/pacote/commit/5339831)) + + + +<a name="2.7.4"></a> +## [2.7.4](https://github.com/zkat/pacote/compare/v2.7.3...v2.7.4) (2017-05-04) + + +### Bug Fixes + +* **pick-manifest:** fix =1.2.3 semver range requests ([dd6911c](https://github.com/zkat/pacote/commit/dd6911c)) + + + +<a name="2.7.3"></a> +## [2.7.3](https://github.com/zkat/pacote/compare/v2.7.2...v2.7.3) (2017-05-04) + + +### Bug Fixes + +* **pick-manifest:** spaces in requested version are now trimmed out ([6422b28](https://github.com/zkat/pacote/commit/6422b28)) + + + +<a name="2.7.2"></a> +## [2.7.2](https://github.com/zkat/pacote/compare/v2.7.1...v2.7.2) (2017-05-04) + + +### Bug Fixes + +* **extract:** missing or corrupted content properly re-fetched again ([46f60c2](https://github.com/zkat/pacote/commit/46f60c2)) + + + +<a name="2.7.1"></a> +## [2.7.1](https://github.com/zkat/pacote/compare/v2.7.0...v2.7.1) (2017-05-01) + + +### Bug Fixes + +* **logging:** log specs correctly on extract ([4b5bab0](https://github.com/zkat/pacote/commit/4b5bab0)) +* **manifest:** obey opts.preferOnline when fetching from memoized ([26928a7](https://github.com/zkat/pacote/commit/26928a7)) + + + +<a name="2.7.0"></a> +# [2.7.0](https://github.com/zkat/pacote/compare/v2.6.0...v2.7.0) (2017-04-29) + + +### Bug Fixes + +* **registry:** stop using integrity hashes for metadata. again. ([4595ab2](https://github.com/zkat/pacote/commit/4595ab2)) + + +### Features + +* **manifest:** include _shasum for legacy compat ([b3a7eed](https://github.com/zkat/pacote/commit/b3a7eed)) + + + +<a name="2.6.0"></a> +# [2.6.0](https://github.com/zkat/pacote/compare/v2.5.0...v2.6.0) (2017-04-29) + + +### Features + +* **manifest:** annotate manifests with _from ([e45e968](https://github.com/zkat/pacote/commit/e45e968)) + + + +<a name="2.5.0"></a> +# [2.5.0](https://github.com/zkat/pacote/compare/v2.4.0...v2.5.0) (2017-04-28) + + +### Bug Fixes + +* **registry:** JSON text is not a valid header value ([78951ea](https://github.com/zkat/pacote/commit/78951ea)) + + +### Features + +* **memoization:** allow injection and control of memoizers ([d8a2be7](https://github.com/zkat/pacote/commit/d8a2be7)) + + + +<a name="2.4.0"></a> +# [2.4.0](https://github.com/zkat/pacote/compare/v2.3.2...v2.4.0) (2017-04-27) + + +### Bug Fixes + +* **tests:** nicer error message on registry 404 ([e8e71c8](https://github.com/zkat/pacote/commit/e8e71c8)) + + +### Features + +* **auth:** added basic auth and always-auth support ([548aeb5](https://github.com/zkat/pacote/commit/548aeb5)) +* **proxy:** proxy support for registry and remote deps ([3766bbb](https://github.com/zkat/pacote/commit/3766bbb)) + + + +<a name="2.3.2"></a> +## [2.3.2](https://github.com/zkat/pacote/compare/v2.3.1...v2.3.2) (2017-04-26) + + +### Bug Fixes + +* **deps:** reduce deps size with m-f-h upgrade ([ba75461](https://github.com/zkat/pacote/commit/ba75461)) + + + +<a name="2.3.1"></a> +## [2.3.1](https://github.com/zkat/pacote/compare/v2.3.0...v2.3.1) (2017-04-26) + + +### Bug Fixes + +* **git:** another attempt at fixing EPERM b.s. ([e445bef](https://github.com/zkat/pacote/commit/e445bef)) + + + +<a name="2.3.0"></a> +# [2.3.0](https://github.com/zkat/pacote/compare/v2.2.2...v2.3.0) (2017-04-26) + + +### Bug Fixes + +* **git:** had ENOTSUP error on windows ([ee17c35](https://github.com/zkat/pacote/commit/ee17c35)) +* **memoization:** actually memoize package metadata ([e2078c0](https://github.com/zkat/pacote/commit/e2078c0)) + + +### Features + +* **memoization:** better packument memoization + pacote.clearMemoized() ([eb1bd4f](https://github.com/zkat/pacote/commit/eb1bd4f)) + + + +<a name="2.2.2"></a> +## [2.2.2](https://github.com/zkat/pacote/compare/v2.2.1...v2.2.2) (2017-04-24) + + +### Bug Fixes + +* **prefetch:** pull in new cacache + fix prefetch hasContent call ([9f476b8](https://github.com/zkat/pacote/commit/9f476b8)) + + + +<a name="2.2.1"></a> +## [2.2.1](https://github.com/zkat/pacote/compare/v2.2.0...v2.2.1) (2017-04-23) + + +### Bug Fixes + +* **finalize:** pass on engines/cpu/os ([0a73c78](https://github.com/zkat/pacote/commit/0a73c78)) + + + +<a name="2.2.0"></a> +# [2.2.0](https://github.com/zkat/pacote/compare/v2.1.2...v2.2.0) (2017-04-22) + + +### Bug Fixes + +* **git:** fix shortcut fallback order again ([5759d40](https://github.com/zkat/pacote/commit/5759d40)) +* **registry:** fix infinite manifetch loop ([6c6a62b](https://github.com/zkat/pacote/commit/6c6a62b)) + + +### Features + +* **manifest:** opts.fullMetadata to get unfiltered manifests ([ff2945b](https://github.com/zkat/pacote/commit/ff2945b)) + + + +<a name="2.1.2"></a> +## [2.1.2](https://github.com/zkat/pacote/compare/v2.1.1...v2.1.2) (2017-04-20) + + + +<a name="2.1.1"></a> +## [2.1.1](https://github.com/zkat/pacote/compare/v2.1.0...v2.1.1) (2017-04-19) + + +### Bug Fixes + +* **git:** use sshurl instead of ssh for ssh clones ([ff20803](https://github.com/zkat/pacote/commit/ff20803)) +* **notice:** only log npm-notice if the packument came from network ([eeeb411](https://github.com/zkat/pacote/commit/eeeb411)) +* **registry:** improve 404 error messages ([6a5cbdb](https://github.com/zkat/pacote/commit/6a5cbdb)) + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/zkat/pacote/compare/v2.0.5...v2.1.0) (2017-04-18) + + +### Bug Fixes + +* **cache:** bump deps for cache fixes ([9596434](https://github.com/zkat/pacote/commit/9596434)) + + +### Features + +* **warn:** http warning headers now logged ([f22ce1d](https://github.com/zkat/pacote/commit/f22ce1d)) + + + +<a name="2.0.5"></a> +## [2.0.5](https://github.com/zkat/pacote/compare/v2.0.4...v2.0.5) (2017-04-18) + + +### Bug Fixes + +* **file:** oops, the type for these is file ([e7a3d35](https://github.com/zkat/pacote/commit/e7a3d35)) + + + +<a name="2.0.4"></a> +## [2.0.4](https://github.com/zkat/pacote/compare/v2.0.3...v2.0.4) (2017-04-18) + + +### Bug Fixes + +* **deps:** remove normalize-git-url ([12d464a](https://github.com/zkat/pacote/commit/12d464a)) +* **git:** Correctly read in the HEAD ref after cloning ([dbe1b15](https://github.com/zkat/pacote/commit/dbe1b15)) +* **git:** The full clone path doesn't have _resolved set ([ddce561](https://github.com/zkat/pacote/commit/ddce561)) +* **manifest:** no _from ever ([15087c4](https://github.com/zkat/pacote/commit/15087c4)) + + + +<a name="2.0.3"></a> +## [2.0.3](https://github.com/zkat/pacote/compare/v2.0.2...v2.0.3) (2017-04-15) + + +### Bug Fixes + +* **manifest:** meh just shove _from in there ([4396f09](https://github.com/zkat/pacote/commit/4396f09)) +* **registry:** include CI header ([86ad911](https://github.com/zkat/pacote/commit/86ad911)) +* **registry:** include npm-scope header ([574cd93](https://github.com/zkat/pacote/commit/574cd93)) +* **registry:** make sure to send referer header ([2d3aaac](https://github.com/zkat/pacote/commit/2d3aaac)) + + + +<a name="2.0.2"></a> +## [2.0.2](https://github.com/zkat/pacote/compare/v2.0.1...v2.0.2) (2017-04-15) + + +### Bug Fixes + +* **directory:** fix default pack-dir and write a test for it ([9d9266f](https://github.com/zkat/pacote/commit/9d9266f)) +* **extract:** brainfart with extractByManifest fixed. lol. ([a1367fb](https://github.com/zkat/pacote/commit/a1367fb)) + + + +<a name="2.0.1"></a> +## [2.0.1](https://github.com/zkat/pacote/compare/v2.0.0...v2.0.1) (2017-04-15) + + +### Bug Fixes + +* **tarball:** missed the local->tarball rename ([ac42dc4](https://github.com/zkat/pacote/commit/ac42dc4)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/zkat/pacote/compare/v1.0.0...v2.0.0) (2017-04-15) + + +### Bug Fixes + +* **api:** use npa[@5](https://github.com/5) for spec parsing (#78) ([3f56298](https://github.com/zkat/pacote/commit/3f56298)) +* **deprecated:** remove underscore from manifest._deprecated ([9f4af93](https://github.com/zkat/pacote/commit/9f4af93)) +* **directory:** add _resolved to directory manifests ([1d305db](https://github.com/zkat/pacote/commit/1d305db)) +* **directory:** return null instead of throwing ([d35630d](https://github.com/zkat/pacote/commit/d35630d)) +* **finalize:** don't try to cache manifests we can't get a good key for ([8ab1758](https://github.com/zkat/pacote/commit/8ab1758)) +* **finalize:** refactored finalize-manifest code + add _integrity=false sentinel ([657b7fa](https://github.com/zkat/pacote/commit/657b7fa)) +* **git:** cleaner handling of git tarball streams when caching ([11acd0a](https://github.com/zkat/pacote/commit/11acd0a)) +* **git:** emit manifests from git tarball handler ([b139d4b](https://github.com/zkat/pacote/commit/b139d4b)) +* **git:** fix .git exclusion, set mtime = 0 to make tarballs idempotent ([9a9fa1b](https://github.com/zkat/pacote/commit/9a9fa1b)) +* **git:** fix fallback order and only fall back on hosted shortcuts ([551cb33](https://github.com/zkat/pacote/commit/551cb33)) +* **git:** fix filling-out of git manifests ([95e807c](https://github.com/zkat/pacote/commit/95e807c)) +* **git:** got dir packer option working with git ([7669b3e](https://github.com/zkat/pacote/commit/7669b3e)) +* **headers:** nudge around some headers to make things behave ([db1e0a1](https://github.com/zkat/pacote/commit/db1e0a1)) +* **manifest:** get rid of resolved-with-non-error warning ([d4d4917](https://github.com/zkat/pacote/commit/d4d4917)) +* **manifest:** stop using digest for manifests ([4ddd2f5](https://github.com/zkat/pacote/commit/4ddd2f5)) +* **opts:** bring opt-check up to date ([564419e](https://github.com/zkat/pacote/commit/564419e)) +* **opts:** rename refreshCache to preferOnline cause much clearer ([94171d6](https://github.com/zkat/pacote/commit/94171d6)) +* **prefetch:** fall back to the _integrity in the manifest if none calculated ([083ac79](https://github.com/zkat/pacote/commit/083ac79)) +* **prefetch:** if there's no stream, just skip (for directory) ([714de91](https://github.com/zkat/pacote/commit/714de91)) +* **registry:** fix error handling for registry tarballs ([e69539f](https://github.com/zkat/pacote/commit/e69539f)) +* **registry:** nudging logging stuff around a bit ([61d62cc](https://github.com/zkat/pacote/commit/61d62cc)) +* **registry:** only send auth info if tarball is hosted on the same registry ([1de5a2b](https://github.com/zkat/pacote/commit/1de5a2b)) +* **registry:** redirect tarball urls to provided registry port+protocol if same host ([f50167e](https://github.com/zkat/pacote/commit/f50167e)) +* **registry:** support memoizing packuments ([e7fff31](https://github.com/zkat/pacote/commit/e7fff31)) +* **registry:** treat registry cache as "private" -- bumps m-f-h ([6fa1503](https://github.com/zkat/pacote/commit/6fa1503)) + + +### Features + +* **directory:** implement local dir packing ([017d989](https://github.com/zkat/pacote/commit/017d989)) +* **fetch:** bump make-fetch-happen for new restarts ([cf90716](https://github.com/zkat/pacote/commit/cf90716)) +* **git:** support pulling in git submodules ([5825d33](https://github.com/zkat/pacote/commit/5825d33)) +* **integrity:** replace http client (#72) ([189cdd2](https://github.com/zkat/pacote/commit/189cdd2)) +* **prefetch:** return cache-related info on prefetch ([623b7f3](https://github.com/zkat/pacote/commit/623b7f3)) +* **registry:** allow injection of request agents ([805e5ae](https://github.com/zkat/pacote/commit/805e5ae)) +* **registry:** fast request pooling ([321f84b](https://github.com/zkat/pacote/commit/321f84b)) +* **registry:** registry requests now follow cache spec more closely, respect Age, etc ([9e47098](https://github.com/zkat/pacote/commit/9e47098)) + + +### BREAKING CHANGES + +* **api:** spec objects can no longer be realize-package-specifier objects. Pass a string or generate npa@>=5 spec objects to pass in. +* **integrity:** This PR replaces a pretty fundamental chunk of pacote. + +* Caching now follows standard-ish cache rules for http-related requests. + +* manifest() no longer includes the `_shasum` field. It's been replaced by `_integrity`, which is a Subresource Integrity hash string containing equivalent data. These strings can be parsed and managed using https://npm.im/ssri. + +* Any functions that accepted `opts.digest` and/or `opts.hashAlgorithm` now expect `opts.integrity` instead. + +* Packuments and finalized manifests are now cached using sha512. Tarballs can start using that hash (or any other more secure hash) once registries start supporting them: `packument.dist.integrity` will be prioritized over `packument.shasum`. + +* If opts.offline is used, a `ENOCACHE` error will be returned. + + + +<a name="1.0.0"></a> +# [1.0.0](https://github.com/zkat/pacote/compare/v0.1.1...v1.0.0) (2017-03-17) + + +### Bug Fixes + +* **extract-stream:** adapt to tar-fs api ([aa21308](https://github.com/zkat/pacote/commit/aa21308)) +* add 'use strict' to all .js files (#26) ([021bd59](https://github.com/zkat/pacote/commit/021bd59)) +* **cache:** this is really a user error, so just throw ([5c9c0fa](https://github.com/zkat/pacote/commit/5c9c0fa)) +* **deps:** cacache[@5](https://github.com/5).0.3 ([37cddc5](https://github.com/zkat/pacote/commit/37cddc5)) +* **deps:** tar-fs[@1](https://github.com/1).15.1 ([e0d853a](https://github.com/zkat/pacote/commit/e0d853a)) +* **docs:** correct fixtures table (#57) ([23d2eb4](https://github.com/zkat/pacote/commit/23d2eb4)) +* **extract:** correctly detect digest cache misses ([ec6672b](https://github.com/zkat/pacote/commit/ec6672b)) +* **extract:** fixed race condition ([14fd2a8](https://github.com/zkat/pacote/commit/14fd2a8)) +* **finalize-manifest:** use digest to uniquify cached manifests ([931a9cb](https://github.com/zkat/pacote/commit/931a9cb)) +* **http:** Fixed cache-related race condition ([b70a4b1](https://github.com/zkat/pacote/commit/b70a4b1)) +* **manifest:** dir manifests should throw ENOPACKAGEJSON ([b06882d](https://github.com/zkat/pacote/commit/b06882d)) +* **manifest:** ETARGET when no packages match ([ea2127d](https://github.com/zkat/pacote/commit/ea2127d)) +* **manifest:** local manifest fn should return a promise ([c700622](https://github.com/zkat/pacote/commit/c700622)) +* **manifest:** retry registry manifests once on ETARGET (#66) ([3b99adc](https://github.com/zkat/pacote/commit/3b99adc)) +* **prefetch:** hashAlgorithm is required for hasContent ([f03d51c](https://github.com/zkat/pacote/commit/f03d51c)) +* **request:** report cache write errors on end ([c102b86](https://github.com/zkat/pacote/commit/c102b86)) + + +### Features + +* **api:** support pre-realized specifiers as specs (#62) ([1d5bf39](https://github.com/zkat/pacote/commit/1d5bf39)) +* **cache:** grabbing info and hasContent ([a559711](https://github.com/zkat/pacote/commit/a559711)) +* **deps:** minimatch[@3](https://github.com/3).0.3 ([2bb8cd5](https://github.com/zkat/pacote/commit/2bb8cd5)) +* **deps:** normalize-package-data[@2](https://github.com/2).3.5 ([4250e0d](https://github.com/zkat/pacote/commit/4250e0d)) +* **directory:** directory dep support (#68) ([6d5307a](https://github.com/zkat/pacote/commit/6d5307a)) +* **git:** baseline git support (#69) ([6d7eaf5](https://github.com/zkat/pacote/commit/6d7eaf5)) +* **handlers:** added remote tarball support (#64) ([add1808](https://github.com/zkat/pacote/commit/add1808)) +* **local:** local tarball support (#67) ([e50d625](https://github.com/zkat/pacote/commit/e50d625)) +* **manifest:** handle deprecation notice (#60) ([db82dae](https://github.com/zkat/pacote/commit/db82dae)) +* **manifest:** standardize manifest format ([3dd9a72](https://github.com/zkat/pacote/commit/3dd9a72)) +* **manifest:** switch to cacache for caching ([8ba7249](https://github.com/zkat/pacote/commit/8ba7249)) +* **prefetch:** added tarball prefetch support ([26c34ce](https://github.com/zkat/pacote/commit/26c34ce)) +* **request:** accept maxSockets opt ([3987807](https://github.com/zkat/pacote/commit/3987807)) +* **scopes:** new scopeTargets option (#59) ([b5db7ae](https://github.com/zkat/pacote/commit/b5db7ae)) + + +### Performance Improvements + +* **finalize-manifest:** cache finalized manifests ([fa3c430](https://github.com/zkat/pacote/commit/fa3c430)) + + +### BREAKING CHANGES + +* **manifest:** Toplevel APIs now return Promises instead of using callbacks. diff --git a/node_modules/libcipm/node_modules/pacote/LICENSE b/node_modules/libcipm/node_modules/pacote/LICENSE new file mode 100644 index 000000000..ab41caa64 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) +Copyright (c) 2017 Kat Marchán + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE +OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/node_modules/libcipm/node_modules/pacote/README.md b/node_modules/libcipm/node_modules/pacote/README.md new file mode 100644 index 000000000..5c9985549 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/README.md @@ -0,0 +1,201 @@ +# pacote [](https://npm.im/pacote) [](https://npm.im/pacote) [](https://travis-ci.org/zkat/pacote) [](https://ci.appveyor.com/project/zkat/pacote) [](https://coveralls.io/github/zkat/pacote?branch=latest) + +[`pacote`](https://github.com/zkat/pacote) is a Node.js library for downloading +[npm](https://npmjs.org)-compatible packages. It supports all package specifier +syntax that `npm install` and its ilk support. It transparently caches anything +needed to reduce excess operations, using [`cacache`](https://npm.im/cacache). + +## Install + +`$ npm install --save pacote` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`manifest`](#manifest) + * [`extract`](#extract) + * [`tarball`](#tarball) + * [`tarball.stream`](#tarball-stream) + * [`tarball.toFile`](#tarball-to-file) + * [`prefetch`](#prefetch) + * [`options`](#options) + * [`clearMemoized`](#clearMemoized) + +### Example + +```javascript +const pacote = require('pacote') + +pacote.manifest('pacote@^1').then(pkg => { + console.log('package manifest for registry pkg:', pkg) + // { "name": "pacote", "version": "1.0.0", ... } +}) + +pacote.extract('http://hi.com/pkg.tgz', './here').then(() => { + console.log('remote tarball contents extracted to ./here') +}) +``` + +### Features + +* Handles all package types [npm](https://npm.im/npm) does +* [high-performance, reliable, verified local cache](https://npm.im/cacache) +* offline mode +* authentication support (private git, private npm registries, etc) +* github, gitlab, and bitbucket-aware +* semver range support for git dependencies + +### Contributing + +The pacote team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +### API + +#### <a name="manifest"></a> `> pacote.manifest(spec, [opts])` + +Fetches the *manifest* for a package. Manifest objects are similar and based +on the `package.json` for that package, but with pre-processed and limited +fields. The object has the following shape: + +```javascript +{ + "name": PkgName, + "version": SemverString, + "dependencies": { PkgName: SemverString }, + "optionalDependencies": { PkgName: SemverString }, + "devDependencies": { PkgName: SemverString }, + "peerDependencies": { PkgName: SemverString }, + "bundleDependencies": false || [PkgName], + "bin": { BinName: Path }, + "_resolved": TarballSource, // different for each package type + "_integrity": SubresourceIntegrityHash, + "_shrinkwrap": null || ShrinkwrapJsonObj +} +``` + +Note that depending on the spec type, some additional fields might be present. +For example, packages from `registry.npmjs.org` have additional metadata +appended by the registry. + +##### Example + +```javascript +pacote.manifest('pacote@1.0.0').then(pkgJson => { + // fetched `package.json` data from the registry +}) +``` + +#### <a name="extract"></a> `> pacote.extract(spec, destination, [opts])` + +Extracts package data identified by `<spec>` into a directory named +`<destination>`, which will be created if it does not already exist. + +If `opts.digest` is provided and the data it identifies is present in the cache, +`extract` will bypass most of its operations and go straight to extracting the +tarball. + +##### Example + +```javascript +pacote.extract('pacote@1.0.0', './woot', { + digest: 'deadbeef' +}).then(() => { + // Succeeds as long as `pacote@1.0.0` still exists somewhere. Network and + // other operations are bypassed entirely if `digest` is present in the cache. +}) +``` + +#### <a name="tarball"></a> `> pacote.tarball(spec, [opts])` + +Fetches package data identified by `<spec>` and returns the data as a buffer. + +This API has two variants: + +* `pacote.tarball.stream(spec, [opts])` - Same as `pacote.tarball`, except it returns a stream instead of a Promise. +* `pacote.tarball.toFile(spec, dest, [opts])` - Instead of returning data directly, data will be written directly to `dest`, and create any required directories along the way. + +##### Example + +```javascript +pacote.tarball('pacote@1.0.0', { cache: './my-cache' }).then(data => { + // data is the tarball data for pacote@1.0.0 +}) +``` + +#### <a name="tarball-stream"></a> `> pacote.tarball.stream(spec, [opts])` + +Same as `pacote.tarball`, except it returns a stream instead of a Promise. + +##### Example + +```javascript +pacote.tarball.stream('pacote@1.0.0') +.pipe(fs.createWriteStream('./pacote-1.0.0.tgz')) +``` + +#### <a name="tarball-to-file"></a> `> pacote.tarball.toFile(spec, dest, [opts])` + +Like `pacote.tarball`, but instead of returning data directly, data will be +written directly to `dest`, and create any required directories along the way. + +##### Example + +```javascript +pacote.tarball.toFile('pacote@1.0.0', './pacote-1.0.0.tgz') +.then(() => /* pacote tarball written directly to ./pacote-1.0.0.tgz */) +``` + +#### <a name="prefetch"></a> `> pacote.prefetch(spec, [opts])` + +##### THIS API IS DEPRECATED. USE `pacote.tarball()` INSTEAD + +Fetches package data identified by `<spec>`, usually for the purpose of warming +up the local package cache (with `opts.cache`). It does not return anything. + +##### Example + +```javascript +pacote.prefetch('pacote@1.0.0', { cache: './my-cache' }).then(() => { + // ./my-cache now has both the manifest and tarball for `pacote@1.0.0`. +}) +``` + +#### <a name="clearMemoized"></a> `> pacote.clearMemoized()` + +This utility function can be used to force pacote to release its references +to any memoized data in its various internal caches. It might help free +some memory. + +```javascript +pacote.manifest(...).then(() => pacote.clearMemoized) + +``` + +#### <a name="options"></a> `> options` + +##### `opts.integrity` + +If provided, pacote will confirm that the relevant integrity hash for each +operation's results matches the given digest. The call will return `EINTEGRITY` +if the check fails. + +Additionally, `pacote.extract` will use this integrity string check the cache +directly for matching contents before performing any other operations. + +##### `opts.cache` +##### `opts.cacheUid`/`opts.cacheGid` +##### `opts.uid`/`opts.gid` +##### `opts.scope` +##### `opts.registry` +##### `opts.@somescope:registry` +##### `opts.auth` +##### `opts.log` +##### `opts.maxSockets` + +Default: `silentNpmLog` + +An [`npmlog`](https://npm.im/npmlog)-compatible logger. Will be used to log +various events at the levels specified by `npmlog`. diff --git a/node_modules/libcipm/node_modules/pacote/extract.js b/node_modules/libcipm/node_modules/pacote/extract.js new file mode 100644 index 000000000..d2ab47deb --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/extract.js @@ -0,0 +1,70 @@ +'use strict' + +const BB = require('bluebird') + +const extractStream = require('./lib/extract-stream.js') +const fs = require('fs') +const mkdirp = BB.promisify(require('mkdirp')) +const npa = require('npm-package-arg') +const optCheck = require('./lib/util/opt-check.js') +const path = require('path') +const rimraf = BB.promisify(require('rimraf')) +const withTarballStream = require('./lib/with-tarball-stream.js') + +const truncateAsync = BB.promisify(fs.truncate) +const readFileAsync = BB.promisify(fs.readFile) +const appendFileAsync = BB.promisify(fs.appendFile) + +module.exports = extract +function extract (spec, dest, opts) { + opts = optCheck(opts) + spec = npa(spec, opts.where) + const startTime = Date.now() + + return withTarballStream(spec, opts, stream => { + return tryExtract(spec, stream, dest, opts) + }) + .then(() => { + if (!opts.resolved) { + const pjson = path.join(dest, 'package.json') + return readFileAsync(pjson, 'utf8') + .then(str => truncateAsync(pjson) + .then(() => appendFileAsync(pjson, str.replace( + /}\s*$/, + `\n,"_resolved": ${ + JSON.stringify(opts.resolved || '') + }\n,"_integrity": ${ + JSON.stringify(opts.integrity || '') + }\n,"_from": ${ + JSON.stringify(spec.toString()) + }\n}` + )))) + } + }) + .then(() => opts.log.silly( + 'extract', + `${spec} extracted to ${dest} (${Date.now() - startTime}ms)` + )) +} + +function tryExtract (spec, tarStream, dest, opts) { + return new BB((resolve, reject) => { + tarStream.on('error', reject) + setImmediate(resolve) + }) + .then(() => rimraf(dest)) + .then(() => mkdirp(dest)) + .then(() => new BB((resolve, reject) => { + const xtractor = extractStream(spec, dest, opts) + tarStream.on('error', reject) + xtractor.on('error', reject) + xtractor.on('close', resolve) + tarStream.pipe(xtractor) + })) + .catch(err => { + if (err.code === 'EINTEGRITY') { + err.message = `Verification failed while extracting ${spec}:\n${err.message}` + } + throw err + }) +} diff --git a/node_modules/libcipm/node_modules/pacote/index.js b/node_modules/libcipm/node_modules/pacote/index.js new file mode 100644 index 000000000..7889a5edf --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/index.js @@ -0,0 +1,9 @@ +'use strict' + +module.exports = { + extract: require('./extract'), + manifest: require('./manifest'), + prefetch: require('./prefetch'), + tarball: require('./tarball'), + clearMemoized: require('./lib/fetch').clearMemoized +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/extract-stream.js b/node_modules/libcipm/node_modules/pacote/lib/extract-stream.js new file mode 100644 index 000000000..d7e8fd5a1 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/extract-stream.js @@ -0,0 +1,88 @@ +'use strict' + +const Minipass = require('minipass') +const path = require('path') +const tar = require('tar') + +module.exports = extractStream +module.exports._computeMode = computeMode + +class Transformer extends Minipass { + constructor (spec, opts) { + super() + this.spec = spec + this.opts = opts + this.str = '' + } + write (data) { + this.str += data + return true + } + end () { + const replaced = this.str.replace( + /}\s*$/, + `\n,"_resolved": ${ + JSON.stringify(this.opts.resolved || '') + }\n,"_integrity": ${ + JSON.stringify(this.opts.integrity || '') + }\n,"_from": ${ + JSON.stringify(this.spec.toString()) + }\n}` + ) + super.write(replaced) + return super.end() + } +} + +function computeMode (fileMode, optMode, umask) { + return (fileMode | optMode) & ~(umask || 0) +} + +function pkgJsonTransform (spec, opts) { + return entry => { + if (entry.path === 'package.json') { + const transformed = new Transformer(spec, opts) + return transformed + } + } +} + +function extractStream (spec, dest, opts) { + opts = opts || {} + const sawIgnores = new Set() + return tar.x({ + cwd: dest, + filter: (name, entry) => !entry.header.type.match(/^.*link$/i), + strip: 1, + onwarn: msg => opts.log && opts.log.warn('tar', msg), + uid: opts.uid, + gid: opts.gid, + transform: opts.resolved && pkgJsonTransform(spec, opts), + onentry (entry) { + if (entry.type.toLowerCase() === 'file') { + entry.mode = computeMode(entry.mode, opts.fmode, opts.umask) + } else if (entry.type.toLowerCase() === 'directory') { + entry.mode = computeMode(entry.mode, opts.dmode, opts.umask) + } else { + entry.mode = computeMode(entry.mode, 0, opts.umask) + } + + // Note: This mirrors logic in the fs read operations that are + // employed during tarball creation, in the fstream-npm module. + // It is duplicated here to handle tarballs that are created + // using other means, such as system tar or git archive. + if (entry.type.toLowerCase() === 'file') { + const base = path.basename(entry.path) + if (base === '.npmignore') { + sawIgnores.add(entry.path) + } else if (base === '.gitignore') { + const npmignore = entry.path.replace(/\.gitignore$/, '.npmignore') + if (!sawIgnores.has(npmignore)) { + // Rename, may be clobbered later. + entry.path = npmignore + } + } + } + } + }) +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetch.js b/node_modules/libcipm/node_modules/pacote/lib/fetch.js new file mode 100644 index 000000000..5c45fa21d --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetch.js @@ -0,0 +1,72 @@ +'use strict' + +const duck = require('protoduck') + +const Fetcher = duck.define(['spec', 'opts', 'manifest'], { + manifest: ['spec', 'opts'], + tarball: ['spec', 'opts'], + fromManifest: ['manifest', 'spec', 'opts'], + clearMemoized () {} +}, {name: 'Fetcher'}) +module.exports = Fetcher + +module.exports.manifest = manifest +function manifest (spec, opts) { + const fetcher = getFetcher(spec.type) + return fetcher.manifest(spec, opts) +} + +module.exports.tarball = tarball +function tarball (spec, opts) { + return getFetcher(spec.type).tarball(spec, opts) +} + +module.exports.fromManifest = fromManifest +function fromManifest (manifest, spec, opts) { + return getFetcher(spec.type).fromManifest(manifest, spec, opts) +} + +const fetchers = {} + +module.exports.clearMemoized = clearMemoized +function clearMemoized () { + Object.keys(fetchers).forEach(k => { + fetchers[k].clearMemoized() + }) +} + +function getFetcher (type) { + if (!fetchers[type]) { + // This is spelled out both to prevent sketchy stuff and to make life + // easier for bundlers/preprocessors. + switch (type) { + case 'directory': + fetchers[type] = require('./fetchers/directory') + break + case 'file': + fetchers[type] = require('./fetchers/file') + break + case 'git': + fetchers[type] = require('./fetchers/git') + break + case 'hosted': + fetchers[type] = require('./fetchers/hosted') + break + case 'range': + fetchers[type] = require('./fetchers/range') + break + case 'remote': + fetchers[type] = require('./fetchers/remote') + break + case 'tag': + fetchers[type] = require('./fetchers/tag') + break + case 'version': + fetchers[type] = require('./fetchers/version') + break + default: + throw new Error(`Invalid dependency type requested: ${type}`) + } + } + return fetchers[type] +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/directory.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/directory.js new file mode 100644 index 000000000..f6e680f66 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/directory.js @@ -0,0 +1,72 @@ +'use strict' + +const BB = require('bluebird') + +const Fetcher = require('../fetch') +const glob = BB.promisify(require('glob')) +const packDir = require('../util/pack-dir') +const path = require('path') +const pipe = BB.promisify(require('mississippi').pipe) +const through = require('mississippi').through + +const readFileAsync = BB.promisify(require('fs').readFile) + +const fetchDirectory = module.exports = Object.create(null) + +Fetcher.impl(fetchDirectory, { + // `directory` manifests come from the actual manifest/lockfile data. + manifest (spec, opts) { + const pkgPath = path.join(spec.fetchSpec, 'package.json') + const srPath = path.join(spec.fetchSpec, 'npm-shrinkwrap.json') + return BB.join( + readFileAsync(pkgPath).then(JSON.parse).catch({code: 'ENOENT'}, err => { + err.code = 'ENOPACKAGEJSON' + throw err + }), + readFileAsync(srPath).then(JSON.parse).catch({code: 'ENOENT'}, () => null), + (pkg, sr) => { + pkg._shrinkwrap = sr + pkg._hasShrinkwrap = !!sr + pkg._resolved = spec.fetchSpec + pkg._integrity = false // Don't auto-calculate integrity + pkg._shasum = false // Don't auto-calculate shasum either + return pkg + } + ).then(pkg => { + if (!pkg.bin && pkg.directories && pkg.directories.bin) { + const dirBin = pkg.directories.bin + return glob(path.join(spec.fetchSpec, dirBin, '/**'), {nodir: true}).then(matches => { + matches.forEach(filePath => { + const relative = path.relative(spec.fetchSpec, filePath) + if (relative && relative[0] !== '.') { + if (!pkg.bin) { pkg.bin = {} } + pkg.bin[path.basename(relative)] = relative + } + }) + }).then(() => pkg) + } else { + return pkg + } + }) + }, + + // As of npm@5, the npm installer doesn't pack + install directories: it just + // creates symlinks. This code is here because `npm pack` still needs the + // ability to create a tarball from a local directory. + tarball (spec, opts) { + const stream = through() + this.manifest(spec, opts).then(mani => { + return pipe(this.fromManifest(mani, spec, opts), stream) + }).catch(err => stream.emit('error', err)) + return stream + }, + + // `directory` tarballs are generated in a very similar way to git tarballs. + fromManifest (manifest, spec, opts) { + const stream = through() + packDir(manifest, manifest._resolved, manifest._resolved, stream, opts).catch(err => { + stream.emit('error', err) + }) + return stream + } +}) diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/file.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/file.js new file mode 100644 index 000000000..5688cd1bd --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/file.js @@ -0,0 +1,74 @@ +'use strict' + +const BB = require('bluebird') + +const cacache = require('cacache') +const Fetcher = require('../fetch') +const fs = require('fs') +const pipe = BB.promisify(require('mississippi').pipe) +const through = require('mississippi').through + +const readFileAsync = BB.promisify(fs.readFile) +const statAsync = BB.promisify(fs.stat) + +const MAX_BULK_SIZE = 2 * 1024 * 1024 // 2MB + +// `file` packages refer to local tarball files. +const fetchFile = module.exports = Object.create(null) + +Fetcher.impl(fetchFile, { + manifest (spec, opts) { + // We can't do much here. `finalizeManifest` will take care of + // calling `tarball` to fill out all the necessary details. + return BB.resolve(null) + }, + + // All the heavy lifting for `file` packages is done here. + // They're never cached. We just read straight out of the file. + // TODO - maybe they *should* be cached? + tarball (spec, opts) { + const src = spec._resolved || spec.fetchSpec + const stream = through() + statAsync(src).then(stat => { + if (spec._resolved) { stream.emit('manifest', spec) } + if (stat.size <= MAX_BULK_SIZE) { + // YAY LET'S DO THING IN BULK + return readFileAsync(src).then(data => { + if (opts.cache) { + return cacache.put( + opts.cache, `pacote:tarball:file:${src}`, data, { + integrity: opts.integrity + } + ).then(integrity => ({data, integrity})) + } else { + return {data} + } + }).then(info => { + if (info.integrity) { stream.emit('integrity', info.integrity) } + stream.write(info.data, () => { + stream.end() + }) + }) + } else { + let integrity + const cacheWriter = !opts.cache + ? BB.resolve(null) + : (pipe( + fs.createReadStream(src), + cacache.put.stream(opts.cache, `pacote:tarball:${src}`, { + integrity: opts.integrity + }).on('integrity', d => { integrity = d }) + )) + return cacheWriter.then(() => { + if (integrity) { stream.emit('integrity', integrity) } + return pipe(fs.createReadStream(src), stream) + }) + } + }, err => stream.emit('error', err)) + return stream + }, + + fromManifest (manifest, spec, opts) { + return this.tarball(manifest || spec, opts) + } +}) diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/git.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/git.js new file mode 100644 index 000000000..66a2093ee --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/git.js @@ -0,0 +1,174 @@ +'use strict' + +const BB = require('bluebird') + +const cacache = require('cacache') +const cacheKey = require('../util/cache-key') +const Fetcher = require('../fetch') +const git = require('../util/git') +const mkdirp = BB.promisify(require('mkdirp')) +const pickManifest = require('npm-pick-manifest') +const optCheck = require('../util/opt-check') +const osenv = require('osenv') +const packDir = require('../util/pack-dir') +const PassThrough = require('stream').PassThrough +const path = require('path') +const pipe = BB.promisify(require('mississippi').pipe) +const rimraf = BB.promisify(require('rimraf')) +const uniqueFilename = require('unique-filename') + +// `git` dependencies are fetched from git repositories and packed up. +const fetchGit = module.exports = Object.create(null) + +Fetcher.impl(fetchGit, { + manifest (spec, opts) { + opts = optCheck(opts) + if (spec.hosted && spec.hosted.getDefaultRepresentation() === 'shortcut') { + return hostedManifest(spec, opts) + } else { + // If it's not a shortcut, don't do fallbacks. + return plainManifest(spec.fetchSpec, spec, opts) + } + }, + + tarball (spec, opts) { + opts = optCheck(opts) + const stream = new PassThrough() + this.manifest(spec, opts).then(manifest => { + stream.emit('manifest', manifest) + return pipe( + this.fromManifest( + manifest, spec, opts + ).on('integrity', i => stream.emit('integrity', i)), stream + ) + }, err => stream.emit('error', err)) + return stream + }, + + fromManifest (manifest, spec, opts) { + opts = optCheck(opts) + let streamError + const stream = new PassThrough().on('error', e => { streamError = e }) + const cacheName = manifest._uniqueResolved || manifest._resolved || '' + const cacheStream = ( + opts.cache && + cacache.get.stream( + opts.cache, cacheKey('packed-dir', cacheName), opts + ).on('integrity', i => stream.emit('integrity', i)) + ) + cacheStream.pipe(stream) + cacheStream.on('error', err => { + if (err.code !== 'ENOENT') { + return stream.emit('error', err) + } else { + stream.emit('reset') + return withTmp(opts, tmp => { + if (streamError) { throw streamError } + return cloneRepo( + spec, manifest._repo, manifest._ref, manifest._rawRef, tmp, opts + ).then(HEAD => { + if (streamError) { throw streamError } + manifest._resolved = spec.saveSpec.replace(/(:?#.*)?$/, `#${HEAD}`) + manifest._uniqueResolved = manifest._resolved + return packDir(manifest, manifest._uniqueResolved, tmp, stream, opts) + }) + }).catch(err => stream.emit('error', err)) + } + }) + return stream + } +}) + +function hostedManifest (spec, opts) { + return BB.resolve(null).then(() => { + if (!spec.hosted.git()) { + throw new Error(`No git url for ${spec}`) + } + return plainManifest(spec.hosted.git(), spec, opts) + }).catch(err => { + if (!spec.hosted.https()) { + throw err + } + return plainManifest(spec.hosted.https(), spec, opts) + }).catch(err => { + if (!spec.hosted.sshurl()) { + throw err + } + return plainManifest(spec.hosted.sshurl(), spec, opts) + }) +} + +function plainManifest (repo, spec, opts) { + const rawRef = spec.gitCommittish || spec.gitRange + return resolve( + repo, spec, spec.name, opts + ).then(ref => { + if (ref) { + const resolved = spec.saveSpec.replace(/(?:#.*)?$/, `#${ref.sha}`) + return { + _repo: repo, + _resolved: resolved, + _spec: spec, + _ref: ref, + _rawRef: spec.gitCommittish || spec.gitRange, + _uniqueResolved: resolved, + _integrity: false, + _shasum: false + } + } else { + // We're SOL and need a full clone :( + // + // If we're confident enough that `rawRef` is a commit SHA, + // then we can at least get `finalize-manifest` to cache its result. + const resolved = spec.saveSpec.replace(/(?:#.*)?$/, rawRef ? `#${rawRef}` : '') + return { + _repo: repo, + _rawRef: rawRef, + _resolved: rawRef && rawRef.match(/^[a-f0-9]{40}$/) && resolved, + _uniqueResolved: rawRef && rawRef.match(/^[a-f0-9]{40}$/) && resolved, + _integrity: false, + _shasum: false + } + } + }) +} + +function resolve (url, spec, name, opts) { + const isSemver = !!spec.gitRange + return git.revs(url, opts).then(remoteRefs => { + return isSemver + ? pickManifest({ + versions: remoteRefs.versions, + 'dist-tags': remoteRefs['dist-tags'], + name: name + }, spec.gitRange, opts) + : remoteRefs + ? BB.resolve( + remoteRefs.refs[spec.gitCommittish] || remoteRefs.refs[remoteRefs.shas[spec.gitCommittish]] + ) + : null + }) +} + +function withTmp (opts, cb) { + if (opts.cache) { + // cacache has a special facility for working in a tmp dir + return cacache.tmp.withTmp(opts.cache, {tmpPrefix: 'git-clone'}, cb) + } else { + const tmpDir = path.join(osenv.tmpdir(), 'pacote-git-tmp') + const tmpName = uniqueFilename(tmpDir, 'git-clone') + const tmp = mkdirp(tmpName).then(() => tmpName).disposer(rimraf) + return BB.using(tmp, cb) + } +} + +// Only certain whitelisted hosted gits support shadow cloning +const SHALLOW_HOSTS = new Set(['github', 'gist', 'gitlab', 'bitbucket']) +function cloneRepo (spec, repo, resolvedRef, rawRef, tmp, opts) { + const ref = resolvedRef ? resolvedRef.ref : rawRef + if (resolvedRef && spec.hosted && SHALLOW_HOSTS.has(spec.hosted.type)) { + return git.shallow(repo, ref, tmp, opts) + } else { + return git.clone(repo, ref, tmp, opts) + } +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/hosted.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/hosted.js new file mode 100644 index 000000000..d41793c81 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/hosted.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./git') diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/range.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/range.js new file mode 100644 index 000000000..9f172e986 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/range.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./registry') diff --git a/node_modules/pacote/lib/fetchers/registry/check-warning-header.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/check-warning-header.js index b17a233d4..b17a233d4 100644 --- a/node_modules/pacote/lib/fetchers/registry/check-warning-header.js +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/check-warning-header.js diff --git a/node_modules/pacote/lib/fetchers/registry/fetch.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/fetch.js index 3a2a4a5a7..3a2a4a5a7 100644 --- a/node_modules/pacote/lib/fetchers/registry/fetch.js +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/fetch.js diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/index.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/index.js new file mode 100644 index 000000000..78bdc2342 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/index.js @@ -0,0 +1,27 @@ +'use strict' + +const cacache = require('cacache') +const Fetcher = require('../../fetch') +const regManifest = require('./manifest') +const regTarball = require('./tarball') + +const fetchRegistry = module.exports = Object.create(null) + +Fetcher.impl(fetchRegistry, { + manifest (spec, opts) { + return regManifest(spec, opts) + }, + + tarball (spec, opts) { + return regTarball(spec, opts) + }, + + fromManifest (manifest, spec, opts) { + return regTarball.fromManifest(manifest, spec, opts) + }, + + clearMemoized () { + cacache.clearMemoized() + regManifest.clearMemoized() + } +}) diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/manifest.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/manifest.js new file mode 100644 index 000000000..4e5a8010e --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/manifest.js @@ -0,0 +1,148 @@ +'use strict' + +const BB = require('bluebird') + +const fetch = require('./fetch') +const LRU = require('lru-cache') +const optCheck = require('../../util/opt-check') +const pickManifest = require('npm-pick-manifest') +const pickRegistry = require('./pick-registry') +const ssri = require('ssri') +const url = require('url') + +// Corgis are cute. 🐕🐶 +const CORGI_DOC = 'application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*' +const JSON_DOC = 'application/json' + +module.exports = manifest +function manifest (spec, opts) { + opts = optCheck(opts) + + const registry = pickRegistry(spec, opts) + const uri = metadataUrl(registry, spec.escapedName) + + return getManifest(uri, registry, spec, opts).then(manifest => { + return annotateManifest(uri, registry, manifest) + }) +} + +function metadataUrl (registry, name) { + const normalized = registry.slice(-1) !== '/' + ? registry + '/' + : registry + return url.resolve(normalized, name) +} + +function getManifest (uri, registry, spec, opts) { + return fetchPackument(uri, spec, registry, opts).then(packument => { + try { + return pickManifest(packument, spec.fetchSpec, { + defaultTag: opts.defaultTag, + includeDeprecated: opts.includeDeprecated + }) + } catch (err) { + if (err.code === 'ETARGET' && packument._cached && !opts.offline) { + opts.log.silly( + 'registry:manifest', + `no matching version for ${spec.name}@${spec.fetchSpec} in the cache. Forcing revalidation` + ) + opts.preferOffline = false + opts.preferOnline = true + return fetchPackument(uri, spec, registry, opts).then(packument => { + return pickManifest(packument, spec.fetchSpec, { + defaultTag: opts.defaultTag + }) + }) + } else { + throw err + } + } + }) +} + +// TODO - make this an opt +const MEMO = new LRU({ + length: m => m._contentLength, + max: 200 * 1024 * 1024, // 200MB + maxAge: 30 * 1000 // 30s +}) + +module.exports.clearMemoized = clearMemoized +function clearMemoized () { + MEMO.reset() +} + +function fetchPackument (uri, spec, registry, opts) { + const mem = pickMem(opts) + if (mem && !opts.preferOnline && mem.has(uri)) { + return BB.resolve(mem.get(uri)) + } + + return fetch(uri, registry, Object.assign({ + headers: { + 'pacote-req-type': 'packument', + 'pacote-pkg-id': `registry:${manifest.name}`, + accept: opts.fullMetadata ? JSON_DOC : CORGI_DOC + }, + spec + }, opts, { + // Force integrity to null: we never check integrity hashes for manifests + integrity: null + })).then(res => res.json().then(packument => { + packument._cached = decodeURIComponent(res.headers.has('x-local-cache')) + packument._contentLength = +res.headers.get('content-length') + // NOTE - we need to call pickMem again because proxy + // objects get reused! + const mem = pickMem(opts) + if (mem) { + mem.set(uri, packument) + } + return packument + })) +} + +class ObjProxy { + get (key) { return this.obj[key] } + set (key, val) { this.obj[key] = val } +} + +// This object is used synchronously and immediately, so +// we can safely reuse it instead of consing up new ones +const PROX = new ObjProxy() +function pickMem (opts) { + if (!opts || !opts.memoize) { + return MEMO + } else if (opts.memoize.get && opts.memoize.set) { + return opts.memoize + } else if (typeof opts.memoize === 'object') { + PROX.obj = opts.memoize + return PROX + } else { + return null + } +} + +function annotateManifest (uri, registry, manifest) { + const shasum = manifest.dist && manifest.dist.shasum + manifest._integrity = manifest.dist && manifest.dist.integrity + manifest._shasum = shasum + if (!manifest._integrity && shasum) { + // Use legacy dist.shasum field if available. + manifest._integrity = ssri.fromHex(shasum, 'sha1').toString() + } + manifest._resolved = ( + manifest.dist && manifest.dist.tarball + ) + if (!manifest._resolved) { + const err = new Error( + `Manifest for ${manifest.name}@${manifest.version} from ${uri} is missing a tarball url (pkg.dist.tarball). Guessing a default.` + ) + err.code = 'ENOTARBALL' + err.manifest = manifest + if (!manifest._warnings) { manifest._warnings = [] } + manifest._warnings.push(err.message) + manifest._resolved = + `${registry}/${manifest.name}/-/${manifest.name}-${manifest.version}.tgz` + } + return manifest +} diff --git a/node_modules/pacote/lib/fetchers/registry/pick-registry.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/pick-registry.js index f326950da..f326950da 100644 --- a/node_modules/pacote/lib/fetchers/registry/pick-registry.js +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/pick-registry.js diff --git a/node_modules/pacote/lib/fetchers/registry/registry-key.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/registry-key.js index f53e9a9b4..f53e9a9b4 100644 --- a/node_modules/pacote/lib/fetchers/registry/registry-key.js +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/registry-key.js diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/tarball.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/tarball.js new file mode 100644 index 000000000..723998127 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/registry/tarball.js @@ -0,0 +1,103 @@ +'use strict' + +const BB = require('bluebird') + +const fetch = require('./fetch') +const manifest = require('./manifest') +const optCheck = require('../../util/opt-check') +const PassThrough = require('stream').PassThrough +const pickRegistry = require('./pick-registry') +const ssri = require('ssri') +const url = require('url') + +module.exports = tarball +function tarball (spec, opts) { + opts = optCheck(opts) + const registry = pickRegistry(spec, opts) + const stream = new PassThrough() + let mani + if ( + opts.resolved && + // spec.type === 'version' && + opts.resolved.indexOf(registry) === 0 + ) { + // fakeChild is a shortcut to avoid looking up a manifest! + mani = BB.resolve({ + name: spec.name, + version: spec.fetchSpec, + _integrity: opts.integrity, + _resolved: opts.resolved, + _fakeChild: true + }) + } else { + // We can't trust opts.resolved if it's going to a separate host. + mani = manifest(spec, opts) + } + + mani.then(mani => { + !mani._fakeChild && stream.emit('manifest', mani) + const fetchStream = fromManifest(mani, spec, opts).on( + 'integrity', i => stream.emit('integrity', i) + ) + fetchStream.on('error', err => stream.emit('error', err)) + fetchStream.pipe(stream) + return null + }).catch(err => stream.emit('error', err)) + return stream +} + +module.exports.fromManifest = fromManifest +function fromManifest (manifest, spec, opts) { + opts = optCheck(opts) + opts.scope = spec.scope || opts.scope + const stream = new PassThrough() + const registry = pickRegistry(spec, opts) + const uri = getTarballUrl(spec, registry, manifest, opts) + fetch(uri, registry, Object.assign({ + headers: { + 'pacote-req-type': 'tarball', + 'pacote-pkg-id': `registry:${manifest.name}@${uri}` + }, + integrity: manifest._integrity, + algorithms: [ + manifest._integrity + ? ssri.parse(manifest._integrity).pickAlgorithm() + : 'sha1' + ], + spec + }, opts)) + .then(res => { + const hash = res.headers.get('x-local-cache-hash') + if (hash) { + stream.emit('integrity', decodeURIComponent(hash)) + } + res.body.on('error', err => stream.emit('error', err)) + res.body.pipe(stream) + return null + }) + .catch(err => stream.emit('error', err)) + return stream +} + +function getTarballUrl (spec, registry, mani, opts) { + const reg = url.parse(registry) + const tarball = url.parse(mani._resolved) + // https://github.com/npm/npm/pull/9471 + // + // TL;DR: Some alternative registries host tarballs on http and packuments + // on https, and vice-versa. There's also a case where people who can't use + // SSL to access the npm registry, for example, might use + // `--registry=http://registry.npmjs.org/`. In this case, we need to + // rewrite `tarball` to match the protocol. + // + if (reg.hostname === tarball.hostname && reg.protocol !== tarball.protocol) { + tarball.protocol = reg.protocol + // Ports might be same host different protocol! + if (reg.port !== tarball.port) { + delete tarball.host + tarball.port = reg.port + } + delete tarball.href + } + return url.format(tarball) +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/remote.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/remote.js new file mode 100644 index 000000000..a1e95a2e6 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/remote.js @@ -0,0 +1,30 @@ +'use strict' + +const BB = require('bluebird') + +const Fetcher = require('../fetch') +const fetchRegistry = require('./registry') + +const fetchRemote = module.exports = Object.create(null) + +Fetcher.impl(fetchRemote, { + manifest (spec, opts) { + // We can't get the manifest for a remote tarball until + // we extract the tarball itself. + // `finalize-manifest` takes care of this process of extracting + // a manifest based on ./tarball.js + return BB.resolve(null) + }, + + tarball (spec, opts) { + const uri = spec._resolved || spec.fetchSpec + return fetchRegistry.fromManifest({ + _resolved: uri, + _integrity: opts.integrity + }, spec, opts) + }, + + fromManifest (manifest, spec, opts) { + return this.tarball(manifest || spec, opts) + } +}) diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/tag.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/tag.js new file mode 100644 index 000000000..9f172e986 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/tag.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./registry') diff --git a/node_modules/libcipm/node_modules/pacote/lib/fetchers/version.js b/node_modules/libcipm/node_modules/pacote/lib/fetchers/version.js new file mode 100644 index 000000000..9f172e986 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/fetchers/version.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./registry') diff --git a/node_modules/libcipm/node_modules/pacote/lib/finalize-manifest.js b/node_modules/libcipm/node_modules/pacote/lib/finalize-manifest.js new file mode 100644 index 000000000..0f309ed6d --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/finalize-manifest.js @@ -0,0 +1,253 @@ +'use strict' + +const BB = require('bluebird') + +const cacache = require('cacache') +const cacheKey = require('./util/cache-key') +const fetchFromManifest = require('./fetch').fromManifest +const finished = require('./util/finished') +const minimatch = require('minimatch') +const normalize = require('normalize-package-data') +const optCheck = require('./util/opt-check') +const path = require('path') +const pipe = BB.promisify(require('mississippi').pipe) +const ssri = require('ssri') +const tar = require('tar') + +// `finalizeManifest` takes as input the various kinds of manifests that +// manifest handlers ('lib/fetchers/*.js#manifest()') return, and makes sure +// they are: +// +// * filled out with any required data that the handler couldn't fill in +// * formatted consistently +// * cached so we don't have to repeat this work more than necessary +// +// The biggest thing this package might do is do a full tarball extraction in +// order to find missing bits of metadata required by the npm installer. For +// example, it will fill in `_shrinkwrap`, `_integrity`, and other details that +// the plain manifest handlers would require a tarball to fill out. If a +// handler returns everything necessary, this process is skipped. +// +// If we get to the tarball phase, the corresponding tarball handler for the +// requested type will be invoked and the entire tarball will be read from the +// stream. +// +module.exports = finalizeManifest +function finalizeManifest (pkg, spec, opts) { + const key = finalKey(pkg, spec) + opts = optCheck(opts) + + const cachedManifest = (opts.cache && key && !opts.preferOnline && !opts.fullMetadata) + ? cacache.get.info(opts.cache, key, opts) + : BB.resolve(null) + + return cachedManifest.then(cached => { + if (cached && cached.metadata.manifest) { + return new Manifest(cached.metadata.manifest) + } else { + return tarballedProps(pkg, spec, opts).then(props => { + return pkg && pkg.name + ? new Manifest(pkg, props, opts.fullMetadata) + : new Manifest(props, null, opts.fullMetadata) + }).then(manifest => { + const cacheKey = key || finalKey(manifest, spec) + if (!opts.cache || !cacheKey) { + return manifest + } else { + opts.metadata = { + id: manifest._id, + manifest, + type: 'finalized-manifest' + } + return cacache.put( + opts.cache, cacheKey, '.', opts + ).then(() => manifest) + } + }) + } + }) +} + +module.exports.Manifest = Manifest +function Manifest (pkg, fromTarball, fullMetadata) { + fromTarball = fromTarball || {} + if (fullMetadata) { + Object.assign(this, pkg) + } + this.name = pkg.name + this.version = pkg.version + this.engines = pkg.engines || fromTarball.engines + this.cpu = pkg.cpu || fromTarball.cpu + this.os = pkg.os || fromTarball.os + this.dependencies = pkg.dependencies || {} + this.optionalDependencies = pkg.optionalDependencies || {} + this.devDependencies = pkg.devDependencies || {} + const bundled = ( + pkg.bundledDependencies || + pkg.bundleDependencies || + false + ) + this.bundleDependencies = bundled + this.peerDependencies = pkg.peerDependencies || {} + this.deprecated = pkg.deprecated || false + + // These depend entirely on each handler + this._resolved = pkg._resolved + + // Not all handlers (or registries) provide these out of the box, + // and if they don't, we need to extract and read the tarball ourselves. + // These are details required by the installer. + this._integrity = pkg._integrity || fromTarball._integrity || null + this._shasum = pkg._shasum || fromTarball._shasum || null + this._shrinkwrap = pkg._shrinkwrap || fromTarball._shrinkwrap || null + this.bin = pkg.bin || fromTarball.bin || null + + if (this.bin && Array.isArray(this.bin)) { + // Code yanked from read-package-json. + const m = (pkg.directories && pkg.directories.bin) || '.' + this.bin = this.bin.reduce((acc, mf) => { + if (mf && mf.charAt(0) !== '.') { + const f = path.basename(mf) + acc[f] = path.join(m, mf) + } + return acc + }, {}) + } + + this._id = null + + // TODO - freezing and inextensibility pending npm changes. See test suite. + // Object.preventExtensions(this) + normalize(this) + + // I don't want this why did you give it to me. Go away. 🔥🔥🔥🔥 + delete this.readme + + // Object.freeze(this) +} + +// Some things aren't filled in by standard manifest fetching. +// If this function needs to do its work, it will grab the +// package tarball, extract it, and take whatever it needs +// from the stream. +function tarballedProps (pkg, spec, opts) { + const needsShrinkwrap = (!pkg || ( + pkg._hasShrinkwrap !== false && + !pkg._shrinkwrap + )) + const needsBin = !!(!pkg || ( + !pkg.bin && + pkg.directories && + pkg.directories.bin + )) + const needsIntegrity = !pkg || (!pkg._integrity && pkg._integrity !== false) + const needsShasum = !pkg || (!pkg._shasum && pkg._shasum !== false) + const needsHash = needsIntegrity || needsShasum + const needsManifest = !pkg || !pkg.name + const needsExtract = needsShrinkwrap || needsBin || needsManifest + if (!needsShrinkwrap && !needsBin && !needsHash && !needsManifest) { + return BB.resolve({}) + } else { + opts = optCheck(opts) + const tarStream = fetchFromManifest(pkg, spec, opts) + const extracted = needsExtract && new tar.Parse() + return BB.join( + needsShrinkwrap && jsonFromStream('npm-shrinkwrap.json', extracted), + needsManifest && jsonFromStream('package.json', extracted), + needsBin && getPaths(extracted), + needsHash && ssri.fromStream(tarStream, {algorithms: ['sha1', 'sha512']}), + needsExtract && pipe(tarStream, extracted), + (sr, mani, paths, hash) => { + if (needsManifest && !mani) { + const err = new Error(`Non-registry package missing package.json: ${spec}.`) + err.code = 'ENOPACKAGEJSON' + throw err + } + const extraProps = mani || {} + delete extraProps._resolved + // drain out the rest of the tarball + tarStream.resume() + // if we have directories.bin, we need to collect any matching files + // to add to bin + if (paths && paths.length) { + const dirBin = mani + ? (mani && mani.directories && mani.directories.bin) + : (pkg && pkg.directories && pkg.directories.bin) + if (dirBin) { + extraProps.bin = {} + paths.forEach(filePath => { + if (minimatch(filePath, dirBin + '/**')) { + const relative = path.relative(dirBin, filePath) + if (relative && relative[0] !== '.') { + extraProps.bin[path.basename(relative)] = path.join(dirBin, relative) + } + } + }) + } + } + return Object.assign(extraProps, { + _shrinkwrap: sr, + _resolved: (mani && mani._resolved) || + (pkg && pkg._resolved) || + spec.fetchSpec, + _integrity: needsIntegrity && hash && hash.sha512 && hash.sha512[0].toString(), + _shasum: needsShasum && hash && hash.sha1 && hash.sha1[0].hexDigest() + }) + } + ) + } +} + +function jsonFromStream (filename, dataStream) { + return BB.fromNode(cb => { + dataStream.on('error', cb) + dataStream.on('close', cb) + dataStream.on('entry', entry => { + const filePath = entry.header.path.replace(/[^/]+\//, '') + if (filePath !== filename) { + entry.resume() + } else { + let data = '' + entry.on('error', cb) + finished(entry).then(() => { + try { + cb(null, JSON.parse(data)) + } catch (err) { + cb(err) + } + }, err => { + cb(err) + }) + entry.on('data', d => { data += d }) + } + }) + }) +} + +function getPaths (dataStream) { + return BB.fromNode(cb => { + let paths = [] + dataStream.on('error', cb) + dataStream.on('close', () => cb(null, paths)) + dataStream.on('entry', function handler (entry) { + const filePath = entry.header.path.replace(/[^/]+\//, '') + entry.resume() + paths.push(filePath) + }) + }) +} + +function finalKey (pkg, spec) { + if (pkg && pkg._uniqueResolved) { + // git packages have a unique, identifiable id, but no tar sha + return cacheKey(`${spec.type}-manifest`, pkg._uniqueResolved) + } else { + return ( + pkg && pkg._integrity && + cacheKey( + `${spec.type}-manifest`, + `${pkg._resolved}:${ssri.stringify(pkg._integrity)}` + ) + ) + } +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/util/cache-key.js b/node_modules/libcipm/node_modules/pacote/lib/util/cache-key.js new file mode 100644 index 000000000..157e60b0d --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/util/cache-key.js @@ -0,0 +1,6 @@ +'use strict' + +module.exports = cacheKey +function cacheKey (type, identifier) { + return ['pacote', type, identifier].join(':') +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/util/finished.js b/node_modules/libcipm/node_modules/pacote/lib/util/finished.js new file mode 100644 index 000000000..6dadc8b5b --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/util/finished.js @@ -0,0 +1,17 @@ +'use strict' + +const BB = require('bluebird') + +module.exports = function (child, hasExitCode = false) { + return BB.fromNode(function (cb) { + child.on('error', cb) + child.on(hasExitCode ? 'close' : 'end', function (exitCode) { + if (exitCode === undefined || exitCode === 0) { + cb() + } else { + let err = new Error('exited with error code: ' + exitCode) + cb(err) + } + }) + }) +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/util/git.js b/node_modules/libcipm/node_modules/pacote/lib/util/git.js new file mode 100644 index 000000000..919621227 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/util/git.js @@ -0,0 +1,265 @@ +'use strict' + +const BB = require('bluebird') + +const cp = require('child_process') +const execFileAsync = BB.promisify(cp.execFile, { + multiArgs: true +}) +const finished = require('./finished') +const LRU = require('lru-cache') +const optCheck = require('./opt-check') +const osenv = require('osenv') +const path = require('path') +const pinflight = require('promise-inflight') +const promiseRetry = require('promise-retry') +const uniqueFilename = require('unique-filename') +const which = BB.promisify(require('which')) +const semver = require('semver') + +const GOOD_ENV_VARS = new Set([ + 'GIT_ASKPASS', + 'GIT_EXEC_PATH', + 'GIT_PROXY_COMMAND', + 'GIT_SSH', + 'GIT_SSH_COMMAND', + 'GIT_SSL_CAINFO', + 'GIT_SSL_NO_VERIFY' +]) + +const GIT_TRANSIENT_ERRORS = [ + 'remote error: Internal Server Error', + 'The remote end hung up unexpectedly', + 'Connection timed out', + 'Operation timed out', + 'Failed to connect to .* Timed out', + 'Connection reset by peer', + 'SSL_ERROR_SYSCALL', + 'The requested URL returned error: 503' +].join('|') + +const GIT_TRANSIENT_ERROR_RE = new RegExp(GIT_TRANSIENT_ERRORS) + +function shouldRetry (error) { + return GIT_TRANSIENT_ERROR_RE.test(error) +} + +const GIT_ = 'GIT_' +let GITENV +function gitEnv () { + if (GITENV) { return GITENV } + const tmpDir = path.join(osenv.tmpdir(), 'pacote-git-template-tmp') + const tmpName = uniqueFilename(tmpDir, 'git-clone') + GITENV = { + GIT_ASKPASS: 'echo', + GIT_TEMPLATE_DIR: tmpName + } + Object.keys(process.env).forEach(k => { + if (GOOD_ENV_VARS.has(k) || !k.startsWith(GIT_)) { + GITENV[k] = process.env[k] + } + }) + return GITENV +} + +let GITPATH +try { + GITPATH = which.sync('git') +} catch (e) {} + +module.exports.clone = fullClone +function fullClone (repo, committish, target, opts) { + opts = optCheck(opts) + const gitArgs = ['clone', '--mirror', '-q', repo, path.join(target, '.git')] + if (process.platform === 'win32') { + gitArgs.push('--config', 'core.longpaths=true') + } + return execGit(gitArgs, {cwd: target}).then(() => { + return execGit(['init'], {cwd: target}) + }).then(() => { + return execGit(['checkout', committish || 'HEAD'], {cwd: target}) + }).then(() => { + return updateSubmodules(target, opts) + }).then(() => headSha(target, opts)) +} + +module.exports.shallow = shallowClone +function shallowClone (repo, branch, target, opts) { + opts = optCheck(opts) + const gitArgs = ['clone', '--depth=1', '-q'] + if (branch) { + gitArgs.push('-b', branch) + } + gitArgs.push(repo, target) + if (process.platform === 'win32') { + gitArgs.push('--config', 'core.longpaths=true') + } + return execGit(gitArgs, { + cwd: target + }, opts).then(() => { + return updateSubmodules(target, opts) + }).then(() => headSha(target, opts)) +} + +function updateSubmodules (localRepo, opts) { + const gitArgs = ['submodule', 'update', '-q', '--init', '--recursive'] + return execGit(gitArgs, { + cwd: localRepo + }, opts) +} + +function headSha (repo, opts) { + opts = optCheck(opts) + return execGit(['rev-parse', '--revs-only', 'HEAD'], {cwd: repo}, opts).spread(stdout => { + return stdout.trim() + }) +} + +const CARET_BRACES = '^{}' +const REVS = new LRU({ + max: 100, + maxAge: 5 * 60 * 1000 +}) +module.exports.revs = revs +function revs (repo, opts) { + opts = optCheck(opts) + const cached = REVS.get(repo) + if (cached) { + return BB.resolve(cached) + } + return pinflight(`ls-remote:${repo}`, () => { + return spawnGit(['ls-remote', '-h', '-t', repo], { + env: gitEnv() + }, opts).then((stdout) => { + return stdout.split('\n').reduce((revs, line) => { + const split = line.split(/\s+/, 2) + if (split.length < 2) { return revs } + const sha = split[0].trim() + const ref = split[1].trim().match(/(?:refs\/[^/]+\/)?(.*)/)[1] + if (!ref) { return revs } // ??? + if (ref.endsWith(CARET_BRACES)) { return revs } // refs/tags/x^{} crap + const type = refType(line) + const doc = {sha, ref, type} + + revs.refs[ref] = doc + // We can check out shallow clones on specific SHAs if we have a ref + if (revs.shas[sha]) { + revs.shas[sha].push(ref) + } else { + revs.shas[sha] = [ref] + } + + if (type === 'tag') { + const match = ref.match(/v?(\d+\.\d+\.\d+(?:[-+].+)?)$/) + if (match && semver.valid(match[1], true)) { + revs.versions[semver.clean(match[1], true)] = doc + } + } + + return revs + }, {versions: {}, 'dist-tags': {}, refs: {}, shas: {}}) + }, err => { + err.message = `Error while executing:\n${GITPATH} ls-remote -h -t ${repo}\n\n${err.stderr}\n${err.message}` + throw err + }).then(revs => { + if (revs.refs.HEAD) { + const HEAD = revs.refs.HEAD + Object.keys(revs.versions).forEach(v => { + if (v.sha === HEAD.sha) { + revs['dist-tags'].HEAD = v + if (!revs.refs.latest) { + revs['dist-tags'].latest = revs.refs.HEAD + } + } + }) + } + REVS.set(repo, revs) + return revs + }) + }) +} + +module.exports._exec = execGit +function execGit (gitArgs, gitOpts, opts) { + opts = optCheck(opts) + return checkGit().then(gitPath => { + return promiseRetry((retry, number) => { + if (number !== 1) { + opts.log.silly('pacote', 'Retrying git command: ' + gitArgs.join(' ') + ' attempt # ' + number) + } + return execFileAsync(gitPath, gitArgs, mkOpts(gitOpts, opts)).catch((err) => { + if (shouldRetry(err)) { + retry(err) + } else { + throw err + } + }) + }, opts.retry) + }) +} + +module.exports._spawn = spawnGit +function spawnGit (gitArgs, gitOpts, opts) { + opts = optCheck(opts) + return checkGit().then(gitPath => { + return promiseRetry((retry, number) => { + if (number !== 1) { + opts.log.silly('pacote', 'Retrying git command: ' + gitArgs.join(' ') + ' attempt # ' + number) + } + const child = cp.spawn(gitPath, gitArgs, mkOpts(gitOpts, opts)) + + let stdout = '' + let stderr = '' + child.stdout.on('data', d => { stdout += d }) + child.stderr.on('data', d => { stderr += d }) + + return finished(child, true).catch(err => { + if (shouldRetry(stderr)) { + retry(err) + } else { + err.stderr = stderr + throw err + } + }).then(() => { + return stdout + }) + }, opts.retry) + }) +} + +function mkOpts (_gitOpts, opts) { + const gitOpts = { + env: gitEnv() + } + if (+opts.uid && !isNaN(opts.uid)) { + gitOpts.uid = +opts.uid + } + if (+opts.gid && !isNaN(opts.gid)) { + gitOpts.gid = +opts.gid + } + Object.assign(gitOpts, _gitOpts) + return gitOpts +} + +function checkGit () { + if (!GITPATH) { + const err = new Error('No git binary found in $PATH') + err.code = 'ENOGIT' + return BB.reject(err) + } else { + return BB.resolve(GITPATH) + } +} + +const REFS_TAGS = 'refs/tags/' +const REFS_HEADS = 'refs/heads/' +const HEAD = 'HEAD' +function refType (ref) { + return ref.indexOf(REFS_TAGS) !== -1 + ? 'tag' + : ref.indexOf(REFS_HEADS) !== -1 + ? 'branch' + : ref.endsWith(HEAD) + ? 'head' + : 'other' +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/util/opt-check.js b/node_modules/libcipm/node_modules/pacote/lib/util/opt-check.js new file mode 100644 index 000000000..d13a69e4d --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/util/opt-check.js @@ -0,0 +1,64 @@ +'use strict' + +const pkg = require('../../package.json') +const silentlog = require('./silentlog') + +function PacoteOptions (opts) { + opts = opts || {} + this._isPacoteOptions = true + this.agent = opts.agent + this.annotate = opts.annotate + this.auth = opts.auth + this.scopeTargets = opts.scopeTargets || {} + this.defaultTag = opts.defaultTag || 'latest' + this.cache = opts.cache + this.ca = opts.ca + this.cert = opts.cert + this.integrity = opts.integrity + this.key = opts.key + this.localAddress = opts.localAddress + this.log = opts.log || silentlog + this.memoize = opts.memoize + this.maxSockets = opts.maxSockets || 10 + this.offline = opts.offline + this.preferOffline = opts.preferOffline + this.proxy = opts.proxy + this.noProxy = opts.noProxy + this.registry = opts.registry || 'https://registry.npmjs.org' + this.resolved = opts.resolved + this.retry = opts.retry // for npm-registry-client + this.scope = opts.scope + this.userAgent = opts.userAgent || `${pkg.name}@${pkg.version}/node@${process.version}+${process.arch} (${process.platform})` + this.where = opts.where + this.preferOnline = opts.preferOnline + this.strictSSL = !!opts.strictSSL + this.isFromCI = !!( + opts.isFromCI || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] + ) + this.npmSession = opts.npmSession + this.refer = opts.referer || opts.refer + this.projectScope = opts.projectScope + this.fullMetadata = opts.fullMetadata + this.alwaysAuth = opts.alwaysAuth + this.includeDeprecated = opts.includeDeprecated == null + ? true + : opts.includeDeprecated + + this.dirPacker = opts.dirPacker || null + + this.uid = opts.uid + this.gid = opts.gid + + this.dmode = opts.dmode + this.fmode = opts.fmode + this.umask = opts.umask +} + +module.exports = optCheck +function optCheck (opts) { + return new PacoteOptions(opts) +} diff --git a/node_modules/libcipm/node_modules/pacote/lib/util/pack-dir.js b/node_modules/libcipm/node_modules/pacote/lib/util/pack-dir.js new file mode 100644 index 000000000..62776692e --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/util/pack-dir.js @@ -0,0 +1,44 @@ +'use strict' + +const BB = require('bluebird') + +const cacache = require('cacache') +const cacheKey = require('./cache-key') +const optCheck = require('./opt-check') +const packlist = require('npm-packlist') +const pipe = BB.promisify(require('mississippi').pipe) +const tar = require('tar') + +module.exports = packDir +function packDir (manifest, label, dir, target, opts) { + opts = optCheck(opts) + + const packer = opts.dirPacker + ? BB.resolve(opts.dirPacker(manifest, dir)) + : mkPacker(dir) + + if (!opts.cache) { + return packer.then(packer => pipe(packer, target)) + } else { + const cacher = cacache.put.stream( + opts.cache, cacheKey('packed-dir', label), opts + ).on('integrity', i => { + target.emit('integrity', i) + }) + return packer.then(packer => BB.all([ + pipe(packer, cacher), + pipe(packer, target) + ])) + } +} + +function mkPacker (dir) { + return packlist({path: dir}).then(files => { + return tar.c({ + cwd: dir, + gzip: true, + portable: true, + prefix: 'package/' + }, files) + }) +} diff --git a/node_modules/pacote/lib/util/silentlog.js b/node_modules/libcipm/node_modules/pacote/lib/util/silentlog.js index 4c9d6c57e..4c9d6c57e 100644 --- a/node_modules/pacote/lib/util/silentlog.js +++ b/node_modules/libcipm/node_modules/pacote/lib/util/silentlog.js diff --git a/node_modules/libcipm/node_modules/pacote/lib/with-tarball-stream.js b/node_modules/libcipm/node_modules/pacote/lib/with-tarball-stream.js new file mode 100644 index 000000000..653a4a688 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/lib/with-tarball-stream.js @@ -0,0 +1,135 @@ +'use strict' + +const BB = require('bluebird') + +const cacache = require('cacache') +const fetch = require('./fetch.js') +const fs = require('fs') +const npa = require('npm-package-arg') +const optCheck = require('./util/opt-check.js') +const path = require('path') +const ssri = require('ssri') +const retry = require('promise-retry') + +const statAsync = BB.promisify(fs.stat) + +const RETRIABLE_ERRORS = new Set(['ENOENT', 'EINTEGRITY', 'Z_DATA_ERROR']) + +module.exports = withTarballStream +function withTarballStream (spec, opts, streamHandler) { + opts = optCheck(opts) + spec = npa(spec, opts.where) + + // First, we check for a file: resolved shortcut + const tryFile = ( + !opts.preferOnline && + opts.integrity && + opts.resolved && + opts.resolved.startsWith('file:') + ) + ? BB.try(() => { + // NOTE - this is a special shortcut! Packages installed as files do not + // have a `resolved` field -- this specific case only occurs when you have, + // say, a git dependency or a registry dependency that you've packaged into + // a local file, and put that file: spec in the `resolved` field. + opts.log.silly('pacote', `trying ${spec} by local file: ${opts.resolved}`) + const file = path.resolve(opts.where || '.', opts.resolved.substr(5)) + return statAsync(file) + .then(() => { + const verifier = ssri.integrityStream({integrity: opts.integrity}) + const stream = fs.createReadStream(file) + .on('error', err => verifier.emit('error', err)) + .pipe(verifier) + return streamHandler(stream) + }) + .catch(err => { + if (err.code === 'EINTEGRITY') { + opts.log.warn('pacote', `EINTEGRITY while extracting ${spec} from ${file}.You will have to recreate the file.`) + opts.log.verbose('pacote', `EINTEGRITY for ${spec}: ${err.message}`) + } + throw err + }) + }) + : BB.reject(Object.assign(new Error('no file!'), {code: 'ENOENT'})) + + const tryDigest = tryFile + .catch(err => { + if ( + opts.preferOnline || + !opts.cache || + !opts.integrity || + !RETRIABLE_ERRORS.has(err.code) + ) { + throw err + } else { + opts.log.silly('tarball', `trying ${spec} by hash: ${opts.integrity}`) + const stream = cacache.get.stream.byDigest( + opts.cache, opts.integrity, opts + ) + stream.once('error', err => stream.on('newListener', (ev, l) => { + if (ev === 'error') { l(err) } + })) + return streamHandler(stream) + .catch(err => { + if (err.code === 'EINTEGRITY' || err.code === 'Z_DATA_ERROR') { + opts.log.warn('tarball', `cached data for ${spec} (${opts.integrity}) seems to be corrupted. Refreshing cache.`) + return cleanUpCached(opts.cache, opts.integrity, opts) + .then(() => { throw err }) + } else { + throw err + } + }) + } + }) + + const trySpec = tryDigest + .catch(err => { + if (!RETRIABLE_ERRORS.has(err.code)) { + // If it's not one of our retriable errors, bail out and give up. + throw err + } else { + opts.log.silly( + 'tarball', + `no local data for ${spec}. Extracting by manifest.` + ) + return BB.resolve(retry((tryAgain, attemptNum) => { + const tardata = fetch.tarball(spec, opts) + if (!opts.resolved) { + tardata.on('manifest', m => { + opts.resolved = m._resolved + }) + tardata.on('integrity', i => { + opts.integrity = i + }) + } + return BB.try(() => streamHandler(tardata)) + .catch(err => { + // Retry once if we have a cache, to clear up any weird conditions. + // Don't retry network errors, though -- make-fetch-happen has already + // taken care of making sure we're all set on that front. + if (opts.cache && err.code && !err.code.match(/^E\d{3}$/)) { + if (err.code === 'EINTEGRITY' || err.code === 'Z_DATA_ERROR') { + opts.log.warn('tarball', `tarball data for ${spec} (${opts.integrity}) seems to be corrupted. Trying one more time.`) + } + return cleanUpCached(opts.cache, err.sri, opts) + .then(() => tryAgain(err)) + } else { + throw err + } + }) + }, {retries: 1})) + } + }) + + return trySpec + .catch(err => { + if (err.code === 'EINTEGRITY') { + err.message = `Verification failed while extracting ${spec}:\n${err.message}` + } + throw err + }) +} + +function cleanUpCached (cachePath, integrity, opts) { + return cacache.rm.content(cachePath, integrity, opts) +} diff --git a/node_modules/libcipm/node_modules/pacote/manifest.js b/node_modules/libcipm/node_modules/pacote/manifest.js new file mode 100644 index 000000000..6a89ff76b --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/manifest.js @@ -0,0 +1,38 @@ +'use strict' + +const fetchManifest = require('./lib/fetch').manifest +const finalizeManifest = require('./lib/finalize-manifest') +const optCheck = require('./lib/util/opt-check') +const pinflight = require('promise-inflight') +const npa = require('npm-package-arg') + +module.exports = manifest +function manifest (spec, opts) { + opts = optCheck(opts) + spec = npa(spec, opts.where) + + const label = [ + spec.name, + spec.saveSpec || spec.fetchSpec, + spec.type, + opts.cache, + opts.registry, + opts.scope + ].join(':') + return pinflight(label, () => { + const startTime = Date.now() + return fetchManifest(spec, opts).then(rawManifest => { + return finalizeManifest(rawManifest, spec, opts) + }).then(manifest => { + if (opts.annotate) { + manifest._from = spec.saveSpec || spec.raw + manifest._requested = spec + manifest._spec = spec.raw + manifest._where = opts.where + } + const elapsedTime = Date.now() - startTime + opts.log.silly('pacote', `${spec.type} manifest for ${spec.name}@${spec.saveSpec || spec.fetchSpec} fetched in ${elapsedTime}ms`) + return manifest + }) + }) +} diff --git a/node_modules/libcipm/node_modules/pacote/package.json b/node_modules/libcipm/node_modules/pacote/package.json new file mode 100644 index 000000000..f0ecbc057 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/package.json @@ -0,0 +1,113 @@ +{ + "_from": "pacote@^8.1.6", + "_id": "pacote@8.1.6", + "_inBundle": false, + "_integrity": "sha512-wTOOfpaAQNEQNtPEx92x9Y9kRWVu45v583XT8x2oEV2xRB74+xdqMZIeGW4uFvAyZdmSBtye+wKdyyLaT8pcmw==", + "_location": "/libcipm/pacote", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "pacote@^8.1.6", + "name": "pacote", + "escapedName": "pacote", + "rawSpec": "^8.1.6", + "saveSpec": null, + "fetchSpec": "^8.1.6" + }, + "_requiredBy": [ + "/libcipm" + ], + "_resolved": "https://registry.npmjs.org/pacote/-/pacote-8.1.6.tgz", + "_shasum": "8e647564d38156367e7a9dc47a79ca1ab278d46e", + "_spec": "pacote@^8.1.6", + "_where": "/Users/zkat/Documents/code/work/npm/node_modules/libcipm", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/zkat/pacote/issues" + }, + "bundleDependencies": false, + "contributors": [ + { + "name": "Charlotte Spencer", + "email": "charlottelaspencer@gmail.com" + }, + { + "name": "Rebecca Turner", + "email": "me@re-becca.org" + } + ], + "dependencies": { + "bluebird": "^3.5.1", + "cacache": "^11.0.2", + "get-stream": "^3.0.0", + "glob": "^7.1.2", + "lru-cache": "^4.1.3", + "make-fetch-happen": "^4.0.1", + "minimatch": "^3.0.4", + "minipass": "^2.3.3", + "mississippi": "^3.0.0", + "mkdirp": "^0.5.1", + "normalize-package-data": "^2.4.0", + "npm-package-arg": "^6.1.0", + "npm-packlist": "^1.1.10", + "npm-pick-manifest": "^2.1.0", + "osenv": "^0.1.5", + "promise-inflight": "^1.0.1", + "promise-retry": "^1.1.1", + "protoduck": "^5.0.0", + "rimraf": "^2.6.2", + "safe-buffer": "^5.1.2", + "semver": "^5.5.0", + "ssri": "^6.0.0", + "tar": "^4.4.3", + "unique-filename": "^1.1.0", + "which": "^1.3.0" + }, + "deprecated": false, + "description": "JavaScript package downloader", + "devDependencies": { + "nock": "^9.2.6", + "npmlog": "^4.1.2", + "nyc": "^11.8.0", + "require-inject": "^1.4.3", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tacks": "^1.2.6", + "tap": "^12.0.1", + "tar-stream": "^1.6.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.7" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/zkat/pacote#readme", + "keywords": [ + "packages", + "npm", + "git" + ], + "license": "MIT", + "main": "index.js", + "name": "pacote", + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/pacote.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "nyc --all -- tap -J test/*.js", + "test-docker": "docker run -it --rm --name pacotest -v \"$PWD\":/tmp -w /tmp node:latest npm test", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "8.1.6" +} diff --git a/node_modules/libcipm/node_modules/pacote/prefetch.js b/node_modules/libcipm/node_modules/pacote/prefetch.js new file mode 100644 index 000000000..d17725993 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/prefetch.js @@ -0,0 +1,64 @@ +'use strict' + +const BB = require('bluebird') + +const cacache = require('cacache') +const finished = BB.promisify(require('mississippi').finished) +const optCheck = require('./lib/util/opt-check') +const npa = require('npm-package-arg') + +module.exports = prefetch +function prefetch (spec, opts) { + opts = optCheck(opts) + spec = npa(spec, opts.where) + opts.log.warn('prefetch', 'pacote.prefetch() is deprecated. Please use pacote.tarball() instead.') + const startTime = Date.now() + if (!opts.cache) { + opts.log.info('prefetch', 'skipping prefetch: no cache provided') + return BB.resolve({spec}) + } + if (opts.integrity && !opts.preferOnline) { + opts.log.silly('prefetch', 'checking if', opts.integrity, 'is already cached') + return cacache.get.hasContent(opts.cache, opts.integrity).then(info => { + if (info) { + opts.log.silly('prefetch', `content already exists for ${spec} (${Date.now() - startTime}ms)`) + return { + spec, + integrity: info.integrity, + size: info.size, + byDigest: true + } + } else { + return prefetchByManifest(startTime, spec, opts) + } + }) + } else { + opts.log.silly('prefetch', `no integrity hash provided for ${spec} - fetching by manifest`) + return prefetchByManifest(startTime, spec, opts) + } +} + +let fetch +function prefetchByManifest (start, spec, opts) { + let manifest + let integrity + return BB.resolve().then(() => { + if (!fetch) { + fetch = require('./lib/fetch') + } + const stream = fetch.tarball(spec, opts) + if (!stream) { return } + stream.on('data', function () {}) + stream.on('manifest', m => { manifest = m }) + stream.on('integrity', i => { integrity = i }) + return finished(stream) + }).then(() => { + opts.log.silly('prefetch', `${spec} done in ${Date.now() - start}ms`) + return { + manifest, + spec, + integrity: integrity || (manifest && manifest._integrity), + byDigest: false + } + }) +} diff --git a/node_modules/libcipm/node_modules/pacote/tarball.js b/node_modules/libcipm/node_modules/pacote/tarball.js new file mode 100644 index 000000000..e0ad52ab3 --- /dev/null +++ b/node_modules/libcipm/node_modules/pacote/tarball.js @@ -0,0 +1,67 @@ +'use strict' + +const BB = require('bluebird') + +const fs = require('fs') +const getStream = require('get-stream') +const mkdirp = BB.promisify(require('mkdirp')) +const npa = require('npm-package-arg') +const optCheck = require('./lib/util/opt-check.js') +const PassThrough = require('stream').PassThrough +const path = require('path') +const rimraf = BB.promisify(require('rimraf')) +const withTarballStream = require('./lib/with-tarball-stream.js') + +module.exports = tarball +function tarball (spec, opts) { + opts = optCheck(opts) + spec = npa(spec, opts.where) + return withTarballStream(spec, opts, stream => getStream.buffer(stream)) +} + +module.exports.stream = tarballStream +function tarballStream (spec, opts) { + opts = optCheck(opts) + spec = npa(spec, opts.where) + const output = new PassThrough() + let hasTouchedOutput = false + let lastError = null + withTarballStream(spec, opts, stream => { + if (hasTouchedOutput && lastError) { + throw lastError + } else if (hasTouchedOutput) { + throw new Error('abort, abort!') + } else { + return new BB((resolve, reject) => { + stream.on('error', reject) + output.on('error', reject) + output.on('error', () => { hasTouchedOutput = true }) + output.on('finish', resolve) + stream.pipe(output) + stream.once('data', () => { hasTouchedOutput = true }) + }).catch(err => { + lastError = err + throw err + }) + } + }) + .catch(err => output.emit('error', err)) + return output +} + +module.exports.toFile = tarballToFile +function tarballToFile (spec, dest, opts) { + opts = optCheck(opts) + spec = npa(spec, opts.where) + return mkdirp(path.dirname(dest)) + .then(() => withTarballStream(spec, opts, stream => { + return rimraf(dest) + .then(() => new BB((resolve, reject) => { + const writer = fs.createWriteStream(dest) + stream.on('error', reject) + writer.on('error', reject) + writer.on('close', resolve) + stream.pipe(writer) + })) + })) +} diff --git a/node_modules/pacote/CHANGELOG.md b/node_modules/pacote/CHANGELOG.md index 703f566c4..b3974de0c 100644 --- a/node_modules/pacote/CHANGELOG.md +++ b/node_modules/pacote/CHANGELOG.md @@ -2,6 +2,48 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +<a name="9.1.0"></a> +# [9.1.0](https://github.com/zkat/pacote/compare/v9.0.0...v9.1.0) (2018-08-15) + + +### Bug Fixes + +* **docs:** tweaking ToC ([1eeb8a0](https://github.com/zkat/pacote/commit/1eeb8a0)) +* **packument:** take accept header into account when memoizing ([3c637e8](https://github.com/zkat/pacote/commit/3c637e8)) + + +### Features + +* **aliases:** add support for registry alias specs ([b173f26](https://github.com/zkat/pacote/commit/b173f26)) +* **packument:** add packument api ([97888d9](https://github.com/zkat/pacote/commit/97888d9)) + + + +<a name="9.0.0"></a> +# [9.0.0](https://github.com/zkat/pacote/compare/v8.1.6...v9.0.0) (2018-07-31) + + +### Bug Fixes + +* **travis:** idk why travis was failing ([ab593c9](https://github.com/zkat/pacote/commit/ab593c9)) + + +### Features + +* **config:** convert to use figgy-pudding ([0b5bb82](https://github.com/zkat/pacote/commit/0b5bb82)) +* **log:** use process.emit-style logging by default ([29ff8b3](https://github.com/zkat/pacote/commit/29ff8b3)) +* **registry:** switch to npm-registry-fetch ([c43d6b0](https://github.com/zkat/pacote/commit/c43d6b0)) + + +### BREAKING CHANGES + +* **log:** pacote will start emitting events on the process object by default now, instead of doing silent logging +* **registry:** config has changed significantly, especially +for auth and registry-related configs. Refer to README.md +for available options. + + + <a name="8.1.6"></a> ## [8.1.6](https://github.com/zkat/pacote/compare/v8.1.5...v8.1.6) (2018-05-24) diff --git a/node_modules/pacote/README.md b/node_modules/pacote/README.md index 5c9985549..da8cc08a2 100644 --- a/node_modules/pacote/README.md +++ b/node_modules/pacote/README.md @@ -16,13 +16,14 @@ needed to reduce excess operations, using [`cacache`](https://npm.im/cacache). * [Contributing](#contributing) * [API](#api) * [`manifest`](#manifest) + * [`packument`](#packument) * [`extract`](#extract) * [`tarball`](#tarball) * [`tarball.stream`](#tarball-stream) * [`tarball.toFile`](#tarball-to-file) - * [`prefetch`](#prefetch) - * [`options`](#options) + * ~~[`prefetch`](#prefetch)~~ (deprecated) * [`clearMemoized`](#clearMemoized) + * [`options`](#options) ### Example @@ -88,6 +89,43 @@ pacote.manifest('pacote@1.0.0').then(pkgJson => { }) ``` +#### <a name="packument"></a> `> pacote.packument(spec, [opts])` + +Fetches the *packument* for a package. Packument objects are general metadata +about a project corresponding to registry metadata, and include version and +`dist-tag` information about a package's available versions, rather than a +specific version. It may include additional metadata not usually available +through the individual package metadata objects. + +It generally looks something like this: + +```javascript +{ + "name": PkgName, + "dist-tags": { + 'latest': VersionString, + [TagName]: VersionString, + ... + }, + "versions": { + [VersionString]: Manifest, + ... + } +} +``` + +Note that depending on the spec type, some additional fields might be present. +For example, packages from `registry.npmjs.org` have additional metadata +appended by the registry. + +##### Example + +```javascript +pacote.packument('pacote').then(pkgJson => { + // fetched package versions metadata from the registry +}) +``` + #### <a name="extract"></a> `> pacote.extract(spec, destination, [opts])` Extracts package data identified by `<spec>` into a directory named @@ -176,26 +214,65 @@ pacote.manifest(...).then(() => pacote.clearMemoized) #### <a name="options"></a> `> options` -##### `opts.integrity` +`pacote` accepts [the options for +`npm-registry-fetch`](https://npm.im/npm-registry-fetch#fetch-options) as-is, +with a couple of additional `pacote-specific` ones: + +##### <a name="dirPacker"></a> `opts.dirPacker` + +* Type: Function +* Default: Uses [`npm-packlist`](https://npm.im/npm-packlist) and [`tar`](https://npm.im/tar) to make a tarball. + +Expects a function that takes a single argument, `dir`, and returns a +`ReadableStream` that outputs packaged tarball data. Used when creating tarballs +for package specs that are not already packaged, such as git and directory +dependencies. The default `opts.dirPacker` does not execute `prepare` scripts, +even though npm itself does. + +##### <a name="opts-include-deprecated"></a> `opts.include-deprecated` + +* Alias: `opts.includeDeprecated` +* Type: Boolean +* Default: false + +If false, deprecated versions will be skipped when selecting from registry range +specifiers. If true, deprecations do not affect version selection. + +##### <a name="opts-full-metadata"></a> `opts.full-metadata` + +* Type: Boolean +* Default: false + +If `true`, the full packument will be fetched when doing metadata requests. By +defaul, `pacote` only fetches the summarized packuments, also called "corgis". + +##### <a name="opts-tag"></a> `opts.tag` + +* Alias: `opts.defaultTag` +* Type: String +* Default: `'latest'` + +Package version resolution tag. When processing registry spec ranges, this +option is used to determine what dist-tag to treat as "latest". For more details +about how `pacote` selects versions and how `tag` is involved, see [the +documentation for `npm-pick-manifest`](https://npm.im/npm-pick-manifest). + +##### <a name="opts-resolved"></a> `opts.resolved` -If provided, pacote will confirm that the relevant integrity hash for each -operation's results matches the given digest. The call will return `EINTEGRITY` -if the check fails. +* Type: String +* Default: null -Additionally, `pacote.extract` will use this integrity string check the cache -directly for matching contents before performing any other operations. +When fetching tarballs, this option can be passed in to skip registry metadata +lookups when downloading tarballs. If the string is a `file:` URL, pacote will +try to read the referenced local file before attempting to do any further +lookups. This option does not bypass integrity checks when `opts.integrity` is +passed in. -##### `opts.cache` -##### `opts.cacheUid`/`opts.cacheGid` -##### `opts.uid`/`opts.gid` -##### `opts.scope` -##### `opts.registry` -##### `opts.@somescope:registry` -##### `opts.auth` -##### `opts.log` -##### `opts.maxSockets` +##### <a name="opts-where"></a> `opts.where` -Default: `silentNpmLog` +* Type: String +* Default: null -An [`npmlog`](https://npm.im/npmlog)-compatible logger. Will be used to log -various events at the levels specified by `npmlog`. +Passed as an argument to [`npm-package-arg`](https://npm.im/npm-package-arg) +when resolving `spec` arguments. Used to determine what path to resolve local +path specs relatively from. diff --git a/node_modules/pacote/index.js b/node_modules/pacote/index.js index 7889a5edf..a0ed98759 100644 --- a/node_modules/pacote/index.js +++ b/node_modules/pacote/index.js @@ -3,6 +3,7 @@ module.exports = { extract: require('./extract'), manifest: require('./manifest'), + packument: require('./packument'), prefetch: require('./prefetch'), tarball: require('./tarball'), clearMemoized: require('./lib/fetch').clearMemoized diff --git a/node_modules/pacote/lib/fetch.js b/node_modules/pacote/lib/fetch.js index 5c45fa21d..f9fdb642b 100644 --- a/node_modules/pacote/lib/fetch.js +++ b/node_modules/pacote/lib/fetch.js @@ -3,6 +3,7 @@ const duck = require('protoduck') const Fetcher = duck.define(['spec', 'opts', 'manifest'], { + packument: ['spec', 'opts'], manifest: ['spec', 'opts'], tarball: ['spec', 'opts'], fromManifest: ['manifest', 'spec', 'opts'], @@ -10,6 +11,12 @@ const Fetcher = duck.define(['spec', 'opts', 'manifest'], { }, {name: 'Fetcher'}) module.exports = Fetcher +module.exports.packument = packument +function packument (spec, opts) { + const fetcher = getFetcher(spec.type) + return fetcher.packument(spec, opts) +} + module.exports.manifest = manifest function manifest (spec, opts) { const fetcher = getFetcher(spec.type) @@ -40,6 +47,9 @@ function getFetcher (type) { // This is spelled out both to prevent sketchy stuff and to make life // easier for bundlers/preprocessors. switch (type) { + case 'alias': + fetchers[type] = require('./fetchers/alias') + break case 'directory': fetchers[type] = require('./fetchers/directory') break diff --git a/node_modules/pacote/lib/fetchers/alias.js b/node_modules/pacote/lib/fetchers/alias.js new file mode 100644 index 000000000..f22cbb1d7 --- /dev/null +++ b/node_modules/pacote/lib/fetchers/alias.js @@ -0,0 +1,24 @@ +'use strict' + +const Fetcher = require('../fetch') +const fetchRegistry = require('./registry') + +const fetchRemote = module.exports = Object.create(null) + +Fetcher.impl(fetchRemote, { + packument (spec, opts) { + return fetchRegistry.packument(spec.subSpec, opts) + }, + + manifest (spec, opts) { + return fetchRegistry.manifest(spec.subSpec, opts) + }, + + tarball (spec, opts) { + return fetchRegistry.tarball(spec.subSpec, opts) + }, + + fromManifest (manifest, spec, opts) { + return fetchRegistry.fromManifest(manifest, spec.subSpec, opts) + } +}) diff --git a/node_modules/pacote/lib/fetchers/directory.js b/node_modules/pacote/lib/fetchers/directory.js index f6e680f66..146ba3344 100644 --- a/node_modules/pacote/lib/fetchers/directory.js +++ b/node_modules/pacote/lib/fetchers/directory.js @@ -14,6 +14,21 @@ const readFileAsync = BB.promisify(require('fs').readFile) const fetchDirectory = module.exports = Object.create(null) Fetcher.impl(fetchDirectory, { + packument (spec, opts) { + return this.manifest(spec, opts).then(manifest => { + return Object.assign({}, manifest, { + 'dist-tags': { + 'latest': manifest.version + }, + time: { + [manifest.version]: (new Date()).toISOString() + }, + versions: { + [manifest.version]: manifest + } + }) + }) + }, // `directory` manifests come from the actual manifest/lockfile data. manifest (spec, opts) { const pkgPath = path.join(spec.fetchSpec, 'package.json') diff --git a/node_modules/pacote/lib/fetchers/file.js b/node_modules/pacote/lib/fetchers/file.js index 5688cd1bd..6f40c8204 100644 --- a/node_modules/pacote/lib/fetchers/file.js +++ b/node_modules/pacote/lib/fetchers/file.js @@ -17,6 +17,10 @@ const MAX_BULK_SIZE = 2 * 1024 * 1024 // 2MB const fetchFile = module.exports = Object.create(null) Fetcher.impl(fetchFile, { + packument (spec, opts) { + return BB.reject(new Error('Not implemented yet')) + }, + manifest (spec, opts) { // We can't do much here. `finalizeManifest` will take care of // calling `tarball` to fill out all the necessary details. diff --git a/node_modules/pacote/lib/fetchers/git.js b/node_modules/pacote/lib/fetchers/git.js index 66a2093ee..5d16a57d2 100644 --- a/node_modules/pacote/lib/fetchers/git.js +++ b/node_modules/pacote/lib/fetchers/git.js @@ -21,6 +21,10 @@ const uniqueFilename = require('unique-filename') const fetchGit = module.exports = Object.create(null) Fetcher.impl(fetchGit, { + packument (spec, opts) { + return BB.reject(new Error('Not implemented yet.')) + }, + manifest (spec, opts) { opts = optCheck(opts) if (spec.hosted && spec.hosted.getDefaultRepresentation() === 'shortcut') { diff --git a/node_modules/pacote/lib/fetchers/registry/index.js b/node_modules/pacote/lib/fetchers/registry/index.js index 78bdc2342..2cca7040b 100644 --- a/node_modules/pacote/lib/fetchers/registry/index.js +++ b/node_modules/pacote/lib/fetchers/registry/index.js @@ -3,11 +3,16 @@ const cacache = require('cacache') const Fetcher = require('../../fetch') const regManifest = require('./manifest') +const regPackument = require('./packument') const regTarball = require('./tarball') const fetchRegistry = module.exports = Object.create(null) Fetcher.impl(fetchRegistry, { + packument (spec, opts) { + return regPackument(spec, opts) + }, + manifest (spec, opts) { return regManifest(spec, opts) }, @@ -22,6 +27,6 @@ Fetcher.impl(fetchRegistry, { clearMemoized () { cacache.clearMemoized() - regManifest.clearMemoized() + regPackument.clearMemoized() } }) diff --git a/node_modules/pacote/lib/fetchers/registry/manifest.js b/node_modules/pacote/lib/fetchers/registry/manifest.js index 4e5a8010e..d768e8968 100644 --- a/node_modules/pacote/lib/fetchers/registry/manifest.js +++ b/node_modules/pacote/lib/fetchers/registry/manifest.js @@ -1,40 +1,22 @@ 'use strict' -const BB = require('bluebird') - -const fetch = require('./fetch') -const LRU = require('lru-cache') +const fetch = require('npm-registry-fetch') +const fetchPackument = require('./packument') const optCheck = require('../../util/opt-check') const pickManifest = require('npm-pick-manifest') -const pickRegistry = require('./pick-registry') const ssri = require('ssri') -const url = require('url') - -// Corgis are cute. 🐕🐶 -const CORGI_DOC = 'application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*' -const JSON_DOC = 'application/json' module.exports = manifest function manifest (spec, opts) { opts = optCheck(opts) - const registry = pickRegistry(spec, opts) - const uri = metadataUrl(registry, spec.escapedName) - - return getManifest(uri, registry, spec, opts).then(manifest => { - return annotateManifest(uri, registry, manifest) + return getManifest(spec, opts).then(manifest => { + return annotateManifest(spec, manifest, opts) }) } -function metadataUrl (registry, name) { - const normalized = registry.slice(-1) !== '/' - ? registry + '/' - : registry - return url.resolve(normalized, name) -} - -function getManifest (uri, registry, spec, opts) { - return fetchPackument(uri, spec, registry, opts).then(packument => { +function getManifest (spec, opts) { + return fetchPackument(spec, opts).then(packument => { try { return pickManifest(packument, spec.fetchSpec, { defaultTag: opts.defaultTag, @@ -46,9 +28,11 @@ function getManifest (uri, registry, spec, opts) { 'registry:manifest', `no matching version for ${spec.name}@${spec.fetchSpec} in the cache. Forcing revalidation` ) - opts.preferOffline = false - opts.preferOnline = true - return fetchPackument(uri, spec, registry, opts).then(packument => { + opts = opts.concat({ + preferOffline: false, + preferOnline: true + }) + return fetchPackument(spec, opts).then(packument => { return pickManifest(packument, spec.fetchSpec, { defaultTag: opts.defaultTag }) @@ -60,69 +44,7 @@ function getManifest (uri, registry, spec, opts) { }) } -// TODO - make this an opt -const MEMO = new LRU({ - length: m => m._contentLength, - max: 200 * 1024 * 1024, // 200MB - maxAge: 30 * 1000 // 30s -}) - -module.exports.clearMemoized = clearMemoized -function clearMemoized () { - MEMO.reset() -} - -function fetchPackument (uri, spec, registry, opts) { - const mem = pickMem(opts) - if (mem && !opts.preferOnline && mem.has(uri)) { - return BB.resolve(mem.get(uri)) - } - - return fetch(uri, registry, Object.assign({ - headers: { - 'pacote-req-type': 'packument', - 'pacote-pkg-id': `registry:${manifest.name}`, - accept: opts.fullMetadata ? JSON_DOC : CORGI_DOC - }, - spec - }, opts, { - // Force integrity to null: we never check integrity hashes for manifests - integrity: null - })).then(res => res.json().then(packument => { - packument._cached = decodeURIComponent(res.headers.has('x-local-cache')) - packument._contentLength = +res.headers.get('content-length') - // NOTE - we need to call pickMem again because proxy - // objects get reused! - const mem = pickMem(opts) - if (mem) { - mem.set(uri, packument) - } - return packument - })) -} - -class ObjProxy { - get (key) { return this.obj[key] } - set (key, val) { this.obj[key] = val } -} - -// This object is used synchronously and immediately, so -// we can safely reuse it instead of consing up new ones -const PROX = new ObjProxy() -function pickMem (opts) { - if (!opts || !opts.memoize) { - return MEMO - } else if (opts.memoize.get && opts.memoize.set) { - return opts.memoize - } else if (typeof opts.memoize === 'object') { - PROX.obj = opts.memoize - return PROX - } else { - return null - } -} - -function annotateManifest (uri, registry, manifest) { +function annotateManifest (spec, manifest, opts) { const shasum = manifest.dist && manifest.dist.shasum manifest._integrity = manifest.dist && manifest.dist.integrity manifest._shasum = shasum @@ -134,6 +56,9 @@ function annotateManifest (uri, registry, manifest) { manifest.dist && manifest.dist.tarball ) if (!manifest._resolved) { + const registry = fetch.pickRegistry(spec, opts) + const uri = registry.replace(/\/?$/, '/') + spec.escapedName + const err = new Error( `Manifest for ${manifest.name}@${manifest.version} from ${uri} is missing a tarball url (pkg.dist.tarball). Guessing a default.` ) diff --git a/node_modules/pacote/lib/fetchers/registry/packument.js b/node_modules/pacote/lib/fetchers/registry/packument.js new file mode 100644 index 000000000..bd067732c --- /dev/null +++ b/node_modules/pacote/lib/fetchers/registry/packument.js @@ -0,0 +1,84 @@ +'use strict' + +const BB = require('bluebird') + +const fetch = require('npm-registry-fetch') +const LRU = require('lru-cache') +const optCheck = require('../../util/opt-check') + +// Corgis are cute. 🐕🐶 +const CORGI_DOC = 'application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*' +const JSON_DOC = 'application/json' + +module.exports = packument +function packument (spec, opts) { + opts = optCheck(opts) + + const registry = fetch.pickRegistry(spec, opts) + const uri = registry.replace(/\/?$/, '/') + spec.escapedName + + return fetchPackument(uri, registry, spec, opts) +} + +const MEMO = new LRU({ + length: m => m._contentLength, + max: 200 * 1024 * 1024, // 200MB + maxAge: 30 * 1000 // 30s +}) + +module.exports.clearMemoized = clearMemoized +function clearMemoized () { + MEMO.reset() +} + +function fetchPackument (uri, registry, spec, opts) { + const mem = pickMem(opts) + const accept = opts.fullMetadata ? JSON_DOC : CORGI_DOC + const memoKey = `${uri}~(${accept})` + if (mem && !opts.preferOnline && mem.has(memoKey)) { + return BB.resolve(mem.get(memoKey)) + } + + return fetch(uri, opts.concat({ + headers: { + 'pacote-req-type': 'packument', + 'pacote-pkg-id': `registry:${spec.name}`, + accept + }, + spec + }, opts, { + // Force integrity to null: we never check integrity hashes for manifests + integrity: null + })).then(res => res.json().then(packument => { + packument._cached = res.headers.has('x-local-cache') + packument._contentLength = +res.headers.get('content-length') + // NOTE - we need to call pickMem again because proxy + // objects get reused! + const mem = pickMem(opts) + if (mem) { + mem.set(memoKey, packument) + } + return packument + })) +} + +class ObjProxy { + get (key) { return this.obj[key] } + set (key, val) { this.obj[key] = val } +} + +// This object is used synchronously and immediately, so +// we can safely reuse it instead of consing up new ones +const PROX = new ObjProxy() +function pickMem (opts) { + if (!opts || !opts.memoize) { + return MEMO + } else if (opts.memoize.get && opts.memoize.set) { + return opts.memoize + } else if (typeof opts.memoize === 'object') { + PROX.obj = opts.memoize + return PROX + } else { + return null + } +} diff --git a/node_modules/pacote/lib/fetchers/registry/tarball.js b/node_modules/pacote/lib/fetchers/registry/tarball.js index 723998127..2b53daab4 100644 --- a/node_modules/pacote/lib/fetchers/registry/tarball.js +++ b/node_modules/pacote/lib/fetchers/registry/tarball.js @@ -2,18 +2,17 @@ const BB = require('bluebird') -const fetch = require('./fetch') +const fetch = require('npm-registry-fetch') const manifest = require('./manifest') const optCheck = require('../../util/opt-check') const PassThrough = require('stream').PassThrough -const pickRegistry = require('./pick-registry') const ssri = require('ssri') const url = require('url') module.exports = tarball function tarball (spec, opts) { opts = optCheck(opts) - const registry = pickRegistry(spec, opts) + const registry = fetch.pickRegistry(spec, opts) const stream = new PassThrough() let mani if ( @@ -49,11 +48,11 @@ function tarball (spec, opts) { module.exports.fromManifest = fromManifest function fromManifest (manifest, spec, opts) { opts = optCheck(opts) - opts.scope = spec.scope || opts.scope + if (spec.scope) { opts = opts.concat({scope: spec.scope}) } const stream = new PassThrough() - const registry = pickRegistry(spec, opts) + const registry = fetch.pickRegistry(spec, opts) const uri = getTarballUrl(spec, registry, manifest, opts) - fetch(uri, registry, Object.assign({ + fetch(uri, opts.concat({ headers: { 'pacote-req-type': 'tarball', 'pacote-pkg-id': `registry:${manifest.name}@${uri}` diff --git a/node_modules/pacote/lib/fetchers/remote.js b/node_modules/pacote/lib/fetchers/remote.js index a1e95a2e6..8941f9938 100644 --- a/node_modules/pacote/lib/fetchers/remote.js +++ b/node_modules/pacote/lib/fetchers/remote.js @@ -8,6 +8,10 @@ const fetchRegistry = require('./registry') const fetchRemote = module.exports = Object.create(null) Fetcher.impl(fetchRemote, { + packument (spec, opts) { + return BB.reject(new Error('Not implemented yet')) + }, + manifest (spec, opts) { // We can't get the manifest for a remote tarball until // we extract the tarball itself. diff --git a/node_modules/pacote/lib/finalize-manifest.js b/node_modules/pacote/lib/finalize-manifest.js index 0f309ed6d..2dfa4070f 100644 --- a/node_modules/pacote/lib/finalize-manifest.js +++ b/node_modules/pacote/lib/finalize-manifest.js @@ -42,7 +42,7 @@ function finalizeManifest (pkg, spec, opts) { : BB.resolve(null) return cachedManifest.then(cached => { - if (cached && cached.metadata.manifest) { + if (cached && cached.metadata && cached.metadata.manifest) { return new Manifest(cached.metadata.manifest) } else { return tarballedProps(pkg, spec, opts).then(props => { @@ -54,13 +54,14 @@ function finalizeManifest (pkg, spec, opts) { if (!opts.cache || !cacheKey) { return manifest } else { - opts.metadata = { - id: manifest._id, - manifest, - type: 'finalized-manifest' - } return cacache.put( - opts.cache, cacheKey, '.', opts + opts.cache, cacheKey, '.', { + metadata: { + id: manifest._id, + manifest, + type: 'finalized-manifest' + } + } ).then(() => manifest) } }) diff --git a/node_modules/pacote/lib/util/git.js b/node_modules/pacote/lib/util/git.js index 919621227..38b533682 100644 --- a/node_modules/pacote/lib/util/git.js +++ b/node_modules/pacote/lib/util/git.js @@ -194,7 +194,12 @@ function execGit (gitArgs, gitOpts, opts) { throw err } }) - }, opts.retry) + }, opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + maxTimeout: opts['fetch-retry-maxtimeout'], + minTimeout: opts['fetch-retry-mintimeout'] + }) }) } diff --git a/node_modules/pacote/lib/util/opt-check.js b/node_modules/pacote/lib/util/opt-check.js index d13a69e4d..6a1130e16 100644 --- a/node_modules/pacote/lib/util/opt-check.js +++ b/node_modules/pacote/lib/util/opt-check.js @@ -1,64 +1,44 @@ 'use strict' -const pkg = require('../../package.json') -const silentlog = require('./silentlog') +const figgyPudding = require('figgy-pudding') +const logger = require('./proclog.js') -function PacoteOptions (opts) { - opts = opts || {} - this._isPacoteOptions = true - this.agent = opts.agent - this.annotate = opts.annotate - this.auth = opts.auth - this.scopeTargets = opts.scopeTargets || {} - this.defaultTag = opts.defaultTag || 'latest' - this.cache = opts.cache - this.ca = opts.ca - this.cert = opts.cert - this.integrity = opts.integrity - this.key = opts.key - this.localAddress = opts.localAddress - this.log = opts.log || silentlog - this.memoize = opts.memoize - this.maxSockets = opts.maxSockets || 10 - this.offline = opts.offline - this.preferOffline = opts.preferOffline - this.proxy = opts.proxy - this.noProxy = opts.noProxy - this.registry = opts.registry || 'https://registry.npmjs.org' - this.resolved = opts.resolved - this.retry = opts.retry // for npm-registry-client - this.scope = opts.scope - this.userAgent = opts.userAgent || `${pkg.name}@${pkg.version}/node@${process.version}+${process.arch} (${process.platform})` - this.where = opts.where - this.preferOnline = opts.preferOnline - this.strictSSL = !!opts.strictSSL - this.isFromCI = !!( - opts.isFromCI || - process.env['CI'] === 'true' || - process.env['TDDIUM'] || - process.env['JENKINS_URL'] || - process.env['bamboo.buildKey'] - ) - this.npmSession = opts.npmSession - this.refer = opts.referer || opts.refer - this.projectScope = opts.projectScope - this.fullMetadata = opts.fullMetadata - this.alwaysAuth = opts.alwaysAuth - this.includeDeprecated = opts.includeDeprecated == null - ? true - : opts.includeDeprecated - - this.dirPacker = opts.dirPacker || null - - this.uid = opts.uid - this.gid = opts.gid - - this.dmode = opts.dmode - this.fmode = opts.fmode - this.umask = opts.umask -} - -module.exports = optCheck -function optCheck (opts) { - return new PacoteOptions(opts) -} +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + annotate: {}, + cache: {}, + defaultTag: 'tag', + dirPacker: {}, + dmode: {}, + fmode: {}, + 'fetch-retries': {default: 2}, + 'fetch-retry-factor': {default: 10}, + 'fetch-retry-maxtimeout': {default: 60000}, + 'fetch-retry-mintimeout': {default: 10000}, + fullMetadata: 'full-metadata', + 'full-metadata': {default: false}, + gid: {}, + includeDeprecated: {default: true}, + 'include-deprecated': 'includeDeprecated', + integrity: {}, + log: {default: logger}, + memoize: {}, + offline: {}, + preferOffline: 'prefer-offline', + 'prefer-offline': {}, + preferOnline: 'prefer-online', + 'prefer-online': {}, + registry: {default: 'https://registry.npmjs.org/'}, + resolved: {}, + retry: {}, + scope: {}, + tag: {default: 'latest'}, + uid: {}, + umask: {}, + where: {} +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/pacote/lib/util/proclog.js b/node_modules/pacote/lib/util/proclog.js new file mode 100644 index 000000000..e4a2bf8ac --- /dev/null +++ b/node_modules/pacote/lib/util/proclog.js @@ -0,0 +1,23 @@ +'use strict' + +const LEVELS = [ + 'notice', + 'error', + 'warn', + 'info', + 'verbose', + 'http', + 'silly', + 'pause', + 'resume' +] + +const logger = {} +for (const level of LEVELS) { + logger[level] = log(level) +} +module.exports = logger + +function log (level) { + return (category, ...args) => process.emit('log', level, category, ...args) +} diff --git a/node_modules/pacote/lib/with-tarball-stream.js b/node_modules/pacote/lib/with-tarball-stream.js index 653a4a688..e9320fedd 100644 --- a/node_modules/pacote/lib/with-tarball-stream.js +++ b/node_modules/pacote/lib/with-tarball-stream.js @@ -96,10 +96,10 @@ function withTarballStream (spec, opts, streamHandler) { const tardata = fetch.tarball(spec, opts) if (!opts.resolved) { tardata.on('manifest', m => { - opts.resolved = m._resolved + opts = opts.concat({resolved: m._resolved}) }) tardata.on('integrity', i => { - opts.integrity = i + opts = opts.concat({integrity: i}) }) } return BB.try(() => streamHandler(tardata)) diff --git a/node_modules/pacote/package.json b/node_modules/pacote/package.json index 6287584c9..6f7e4cc45 100644 --- a/node_modules/pacote/package.json +++ b/node_modules/pacote/package.json @@ -1,33 +1,28 @@ { - "_args": [ - [ - "pacote@8.1.6", - "/Users/rebecca/code/npm" - ] - ], - "_from": "pacote@8.1.6", - "_id": "pacote@8.1.6", + "_from": "pacote@latest", + "_id": "pacote@9.1.0", "_inBundle": false, - "_integrity": "sha512-wTOOfpaAQNEQNtPEx92x9Y9kRWVu45v583XT8x2oEV2xRB74+xdqMZIeGW4uFvAyZdmSBtye+wKdyyLaT8pcmw==", + "_integrity": "sha512-AFXaSWhOtQf3jHqEvg+ZYH/dfT8TKq6TKspJ4qEFwVVuh5aGvMIk6SNF8vqfzz+cBceDIs9drOcpBbrPai7i+g==", "_location": "/pacote", "_phantomChildren": {}, "_requested": { - "type": "version", + "type": "tag", "registry": true, - "raw": "pacote@8.1.6", + "raw": "pacote@latest", "name": "pacote", "escapedName": "pacote", - "rawSpec": "8.1.6", + "rawSpec": "latest", "saveSpec": null, - "fetchSpec": "8.1.6" + "fetchSpec": "latest" }, "_requiredBy": [ - "/", - "/libcipm" + "#USER", + "/" ], - "_resolved": "https://registry.npmjs.org/pacote/-/pacote-8.1.6.tgz", - "_spec": "8.1.6", - "_where": "/Users/rebecca/code/npm", + "_resolved": "https://registry.npmjs.org/pacote/-/pacote-9.1.0.tgz", + "_shasum": "59810859bbd72984dcb267269259375d32f391e5", + "_spec": "pacote@latest", + "_where": "/Users/zkat/Documents/code/work/npm", "author": { "name": "Kat Marchán", "email": "kzm@sykosomatic.org" @@ -35,6 +30,7 @@ "bugs": { "url": "https://github.com/zkat/pacote/issues" }, + "bundleDependencies": false, "contributors": [ { "name": "Charlotte Spencer", @@ -48,6 +44,7 @@ "dependencies": { "bluebird": "^3.5.1", "cacache": "^11.0.2", + "figgy-pudding": "^3.2.1", "get-stream": "^3.0.0", "glob": "^7.1.2", "lru-cache": "^4.1.3", @@ -60,6 +57,7 @@ "npm-package-arg": "^6.1.0", "npm-packlist": "^1.1.10", "npm-pick-manifest": "^2.1.0", + "npm-registry-fetch": "^3.0.0", "osenv": "^0.1.5", "promise-inflight": "^1.0.1", "promise-retry": "^1.1.1", @@ -72,6 +70,7 @@ "unique-filename": "^1.1.0", "which": "^1.3.0" }, + "deprecated": false, "description": "JavaScript package downloader", "devDependencies": { "nock": "^9.2.6", @@ -113,5 +112,5 @@ "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" }, - "version": "8.1.6" + "version": "9.1.0" } diff --git a/node_modules/pacote/packument.js b/node_modules/pacote/packument.js new file mode 100644 index 000000000..dbeaa8335 --- /dev/null +++ b/node_modules/pacote/packument.js @@ -0,0 +1,29 @@ +'use strict' + +const fetchPackument = require('./lib/fetch').packument +const optCheck = require('./lib/util/opt-check') +const pinflight = require('promise-inflight') +const npa = require('npm-package-arg') + +module.exports = packument +function packument (spec, opts) { + opts = optCheck(opts) + spec = npa(spec, opts.where) + + const label = [ + spec.name, + spec.saveSpec || spec.fetchSpec, + spec.type, + opts.cache, + opts.registry, + opts.scope + ].join(':') + const startTime = Date.now() + return pinflight(label, () => { + return fetchPackument(spec, opts) + }).then(p => { + const elapsedTime = Date.now() - startTime + opts.log.silly('pacote', `${spec.type} packument for ${spec.name}@${spec.saveSpec || spec.fetchSpec} fetched in ${elapsedTime}ms`) + return p + }) +} |