diff options
| author | isaacs <i@izs.me> | 2020-02-26 08:26:20 +0300 |
|---|---|---|
| committer | isaacs <i@izs.me> | 2020-05-08 04:11:52 +0300 |
| commit | 3ae22b201372b733edab9596da8dbe60944bdc28 (patch) | |
| tree | a3dff6b40bc94393bbf7db1b67c5e7c4a84579e8 /node_modules | |
| parent | ae1415e777adf2a2b3865d1fb6717496c40e7e88 (diff) | |
npm-profile@5.0.1
Diffstat (limited to 'node_modules')
39 files changed, 149 insertions, 5926 deletions
diff --git a/node_modules/npm-profile/CHANGELOG.md b/node_modules/npm-profile/CHANGELOG.md index 6d937580c..3205cf532 100644 --- a/node_modules/npm-profile/CHANGELOG.md +++ b/node_modules/npm-profile/CHANGELOG.md @@ -1,3 +1,20 @@ +# v5.0.0 (2020-02-27) + +- Drop the CLI from the project, just maintain the library +- Drop support for EOL Node.js versions +- Remove `Promise` option, just use native Promises +- Remove `figgy-pudding` +- Use `npm-registry-fetch` v8 +- fix: do not try to open invalid URLs for WebLogin + +# v4.0.3 (2020-02-27) + +- fix: do not try to open invalid URLs for WebLogin + +# v4.0.2 (2019-07-16) + +- Update `npm-registry-fetch` to 4.0.0 + # v4.0.1 (2018-08-29) - `opts.password` needs to be base64-encoded when passed in for login diff --git a/node_modules/npm-profile/README.md b/node_modules/npm-profile/README.md index 7a80a729e..9f671d12a 100644 --- a/node_modules/npm-profile/README.md +++ b/node_modules/npm-profile/README.md @@ -40,10 +40,6 @@ using the legacy CouchDB APIs. * `opener` Function (url) → Promise, returns a promise that resolves after a browser has been opened for the user at `url`. * `prompter` Function (creds) → Promise, returns a promise that resolves to an object with `username`, `email` and `password` properties. -* [`opts`](#opts) Object (optional) plus extra keys: - * `creds` Object, passed through to prompter, common values are: - * `username` String, default value for username - * `email` String, default value for email #### **Promise Value** @@ -71,9 +67,6 @@ using the legacy CouchDB APIs. * `opener` Function (url) → Promise, returns a promise that resolves after a browser has been opened for the user at `url`. * `prompter` Function (creds) → Promise, returns a promise that resolves to an object with `username`, and `password` properties. -* [`opts`](#opts) Object (optional) plus extra keys: - * `creds` Object, passed through to prompter, common values are: - * `name` String, default value for username #### **Promise Value** @@ -512,18 +505,24 @@ Otherwise the code will be the HTTP response code. ### <a name="opts"></a> options objects The various API functions accept an optional `opts` object as a final -argument. This opts object can either be a regular Object, or a -[`figgy-pudding`](https://npm.im/figgy-pudding) options object instance. +argument. -Unless otherwise noted, the options accepted are the same as the +Options are passed to [`npm-registry-fetch` -options](https://www.npmjs.com/package/npm-registry-fetch#fetch-opts). +options](https://www.npmjs.com/package/npm-registry-fetch#fetch-opts), so +anything provided to this module will affect the behavior of that one as +well. Of particular note are `opts.registry`, and the auth-related options: -* `opts.token` - used for Bearer auth +* `opts.creds` Object, passed through to prompter, common values are: + * `username` String, default value for username + * `email` String, default value for email * `opts.username` and `opts.password` - used for Basic auth -* `opts.otp` - the 2fa OTP token +* `opts.otp` String, the two-factor-auth one-time-password (Will prompt for + this if needed and not provided.) +* `opts.hostname` String, the hostname of the current machine, to show the + user during the WebAuth flow. (Defaults to `os.hostname()`.) ## <a name="logging"></a> Logging diff --git a/node_modules/npm-profile/index.js b/node_modules/npm-profile/index.js index b7f753fb4..4f2a2ae7c 100644 --- a/node_modules/npm-profile/index.js +++ b/node_modules/npm-profile/index.js @@ -1,37 +1,17 @@ 'use strict' const fetch = require('npm-registry-fetch') -const {HttpErrorBase} = require('npm-registry-fetch/errors.js') +const { HttpErrorBase } = require('npm-registry-fetch/errors.js') const os = require('os') -const pudding = require('figgy-pudding') -const validate = require('aproba') - -exports.adduserCouch = adduserCouch -exports.loginCouch = loginCouch -exports.adduserWeb = adduserWeb -exports.loginWeb = loginWeb -exports.login = login -exports.adduser = adduser -exports.get = get -exports.set = set -exports.listTokens = listTokens -exports.removeToken = removeToken -exports.createToken = createToken - -const ProfileConfig = pudding({ - creds: {}, - hostname: {}, - otp: {} -}) +const { URL } = require('url') // try loginWeb, catch the "not supported" message and fall back to couch -function login (opener, prompter, opts) { - validate('FFO', arguments) - opts = ProfileConfig(opts) +const login = (opener, prompter, opts = {}) => { + const { creds } = opts return loginWeb(opener, opts).catch(er => { if (er instanceof WebLoginNotSupported) { process.emit('log', 'verbose', 'web login not supported, trying couch') - return prompter(opts.creds) + return prompter(creds) .then(data => loginCouch(data.username, data.password, opts)) } else { throw er @@ -39,13 +19,12 @@ function login (opener, prompter, opts) { }) } -function adduser (opener, prompter, opts) { - validate('FFO', arguments) - opts = ProfileConfig(opts) +const adduser = (opener, prompter, opts = {}) => { + const { creds } = opts return adduserWeb(opener, opts).catch(er => { if (er instanceof WebLoginNotSupported) { process.emit('log', 'verbose', 'web adduser not supported, trying couch') - return prompter(opts.creds) + return prompter(creds) .then(data => adduserCouch(data.username, data.email, data.password, opts)) } else { throw er @@ -53,44 +32,45 @@ function adduser (opener, prompter, opts) { }) } -function adduserWeb (opener, opts) { - validate('FO', arguments) - const body = { create: true } +const adduserWeb = (opener, opts = {}) => { process.emit('log', 'verbose', 'web adduser', 'before first POST') - return webAuth(opener, opts, body) + return webAuth(opener, opts, { create: true }) } -function loginWeb (opener, opts) { - validate('FO', arguments) +const loginWeb = (opener, opts = {}) => { process.emit('log', 'verbose', 'web login', 'before first POST') return webAuth(opener, opts, {}) } -function webAuth (opener, opts, body) { - opts = ProfileConfig(opts) - body.hostname = opts.hostname || os.hostname() +const isValidUrl = u => { + try { + return /^https?:$/.test(new URL(u).protocol) + } catch (er) { + return false + } +} + +const webAuth = (opener, opts, body) => { + const { hostname } = opts + body.hostname = hostname || os.hostname() const target = '/-/v1/login' - return fetch(target, opts.concat({ + return fetch(target, { + ...opts, method: 'POST', body - })).then(res => { + }).then(res => { return Promise.all([res, res.json()]) }).then(([res, content]) => { - const {doneUrl, loginUrl} = content + const { doneUrl, loginUrl } = content process.emit('log', 'verbose', 'web auth', 'got response', content) - if ( - typeof doneUrl !== 'string' || - typeof loginUrl !== 'string' || - !doneUrl || - !loginUrl - ) { + if (!isValidUrl(doneUrl) || !isValidUrl(loginUrl)) { throw new WebLoginInvalidResponse('POST', res, content) } return content - }).then(({doneUrl, loginUrl}) => { + }).then(({ doneUrl, loginUrl }) => { process.emit('log', 'verbose', 'web auth', 'opening url pair') return opener(loginUrl).then( - () => webAuthCheckLogin(doneUrl, opts.concat({cache: false})) + () => webAuthCheckLogin(doneUrl, { ...opts, cache: false }) ) }).catch(er => { if ((er.statusCode >= 400 && er.statusCode <= 499) || er.statusCode === 500) { @@ -104,7 +84,7 @@ function webAuth (opener, opts, body) { }) } -function webAuthCheckLogin (doneUrl, opts) { +const webAuthCheckLogin = (doneUrl, opts) => { return fetch(doneUrl, opts).then(res => { return Promise.all([res, res.json()]) }).then(([res, content]) => { @@ -127,9 +107,7 @@ function webAuthCheckLogin (doneUrl, opts) { }) } -function adduserCouch (username, email, password, opts) { - validate('SSSO', arguments) - opts = ProfileConfig(opts) +const adduserCouch = (username, email, password, opts = {}) => { const body = { _id: 'org.couchdb.user:' + username, name: username, @@ -139,25 +117,24 @@ function adduserCouch (username, email, password, opts) { roles: [], date: new Date().toISOString() } - const logObj = {} - Object.keys(body).forEach(k => { - logObj[k] = k === 'password' ? 'XXXXX' : body[k] - }) + const logObj = { + ...body, + password: 'XXXXX' + } process.emit('log', 'verbose', 'adduser', 'before first PUT', logObj) const target = '/-/user/org.couchdb.user:' + encodeURIComponent(username) - return fetch.json(target, opts.concat({ + return fetch.json(target, { + ...opts, method: 'PUT', body - })).then(result => { + }).then(result => { result.username = username return result }) } -function loginCouch (username, password, opts) { - validate('SSO', arguments) - opts = ProfileConfig(opts) +const loginCouch = (username, password, opts = {}) => { const body = { _id: 'org.couchdb.user:' + username, name: username, @@ -166,39 +143,43 @@ function loginCouch (username, password, opts) { roles: [], date: new Date().toISOString() } - const logObj = {} - Object.keys(body).forEach(k => { - logObj[k] = k === 'password' ? 'XXXXX' : body[k] - }) + const logObj = { + ...body, + password: 'XXXXX' + } process.emit('log', 'verbose', 'login', 'before first PUT', logObj) const target = '-/user/org.couchdb.user:' + encodeURIComponent(username) - return fetch.json(target, opts.concat({ + return fetch.json(target, { + ...opts, method: 'PUT', body - })).catch(err => { + }).catch(err => { if (err.code === 'E400') { err.message = `There is no user with the username "${username}".` throw err } if (err.code !== 'E409') throw err - return fetch.json(target, opts.concat({ - query: {write: true} - })).then(result => { - Object.keys(result).forEach(function (k) { + return fetch.json(target, { + ...opts, + query: { write: true } + }).then(result => { + Object.keys(result).forEach(k => { if (!body[k] || k === 'roles') { body[k] = result[k] } }) - return fetch.json(`${target}/-rev/${body._rev}`, opts.concat({ + const { otp } = opts + return fetch.json(`${target}/-rev/${body._rev}`, { + ...opts, method: 'PUT', body, forceAuth: { username, password: Buffer.from(password, 'utf8').toString('base64'), - otp: opts.otp + otp } - })) + }) }) }).then(result => { result.username = username @@ -206,30 +187,22 @@ function loginCouch (username, password, opts) { }) } -function get (opts) { - validate('O', arguments) - return fetch.json('/-/npm/v1/user', opts) -} +const get = (opts = {}) => fetch.json('/-/npm/v1/user', opts) -function set (profile, opts) { - validate('OO', arguments) +const set = (profile, opts = {}) => { Object.keys(profile).forEach(key => { // profile keys can't be empty strings, but they CAN be null if (profile[key] === '') profile[key] = null }) - return fetch.json('/-/npm/v1/user', ProfileConfig(opts, { + return fetch.json('/-/npm/v1/user', { + ...opts, method: 'POST', body: profile - })) + }) } -function listTokens (opts) { - validate('O', arguments) - opts = ProfileConfig(opts) - - return untilLastPage('/-/npm/v1/tokens') - - function untilLastPage (href, objects) { +const listTokens = (opts = {}) => { + const untilLastPage = (href, objects) => { return fetch.json(href, opts).then(result => { objects = objects ? objects.concat(result.objects) : result.objects if (result.urls.next) { @@ -239,27 +212,28 @@ function listTokens (opts) { } }) } + return untilLastPage('/-/npm/v1/tokens') } -function removeToken (tokenKey, opts) { - validate('SO', arguments) +const removeToken = (tokenKey, opts = {}) => { const target = `/-/npm/v1/tokens/token/${tokenKey}` - return fetch(target, ProfileConfig(opts, { + return fetch(target, { + ...opts, method: 'DELETE', ignoreBody: true - })).then(() => null) + }).then(() => null) } -function createToken (password, readonly, cidrs, opts) { - validate('SBAO', arguments) - return fetch.json('/-/npm/v1/tokens', ProfileConfig(opts, { +const createToken = (password, readonly, cidrs, opts = {}) => { + return fetch.json('/-/npm/v1/tokens', { + ...opts, method: 'POST', body: { password: password, readonly: readonly, cidr_whitelist: cidrs } - })) + }) } class WebLoginInvalidResponse extends HttpErrorBase { @@ -279,6 +253,19 @@ class WebLoginNotSupported extends HttpErrorBase { } } -function sleep (ms) { - return new Promise((resolve, reject) => setTimeout(resolve, ms)) +const sleep = (ms) => + new Promise((resolve, reject) => setTimeout(resolve, ms)) + +module.exports = { + adduserCouch, + loginCouch, + adduserWeb, + loginWeb, + login, + adduser, + get, + set, + listTokens, + removeToken, + createToken } diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md deleted file mode 100644 index 8eee50a47..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md +++ /dev/null @@ -1,239 +0,0 @@ -# Change Log - -All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. - -<a name="4.0.2"></a> -## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) - - -### Bug Fixes - -* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) -* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) - - - -<a name="4.0.0"></a> -# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) - - -* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) - - -### BREAKING CHANGES - -* uid and gid are inferred from cache folder, rather than -being passed in as options. - - - -<a name="3.9.1"></a> -## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) - - - -<a name="3.9.0"></a> -# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) - - -### Features - -* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) - - - -<a name="3.8.0"></a> -# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) - - -### Features - -* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) - - - -<a name="3.7.0"></a> -# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) - - -### Features - -* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) - - - -<a name="3.6.0"></a> -# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) - - -### Bug Fixes - -* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) - - -### Features - -* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) - - - -<a name="3.5.0"></a> -# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) - - -### Features - -* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) - - - -<a name="3.4.0"></a> -# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) - - -### Bug Fixes - -* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) - - -### Features - -* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) - - - -<a name="3.3.0"></a> -# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) - - -### Bug Fixes - -* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) - - -### Features - -* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) - - - -<a name="3.2.1"></a> -## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) - - -### Bug Fixes - -* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) - - - -<a name="3.2.0"></a> -# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) - - -### Features - -* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) - - - -<a name="3.1.1"></a> -## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) - - - -<a name="3.1.0"></a> -# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) - - -### Features - -* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) - - - -<a name="3.0.0"></a> -# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) - - -### Bug Fixes - -* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) -* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) - - -### BREAKING CHANGES - -* **config:** opts.config is no longer supported. Pass the options down in opts itself. - - - -<a name="2.1.0"></a> -# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) - - -### Features - -* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) - - - -<a name="2.0.0"></a> -# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) - - -### meta - -* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) - - -### BREAKING CHANGES - -* node@4 is no longer supported - - - -<a name="1.1.1"></a> -## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) - - - -<a name="1.1.0"></a> -# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) - - -### Features - -* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) - - - -<a name="1.0.1"></a> -## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) - - -### Bug Fixes - -* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) - - - -<a name="1.0.0"></a> -# 1.0.0 (2018-03-16) - - -### Bug Fixes - -* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) -* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) -* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) -* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) - - -### Features - -* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) -* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) -* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) -* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) -* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md deleted file mode 100644 index 8d28acf86..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md +++ /dev/null @@ -1,16 +0,0 @@ -ISC License - -Copyright (c) npm, Inc. - -Permission to use, copy, modify, and/or distribute this software for -any purpose with or without fee is hereby granted, provided that the -above copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS -ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE -COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR -CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS -OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE -USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md deleted file mode 100644 index 0c3f4f946..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md +++ /dev/null @@ -1,609 +0,0 @@ -# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) - -[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js -library that implements a `fetch`-like API for accessing npm registry APIs -consistently. It's able to consume npm-style configuration values and has all -the necessary logic for picking registries, handling scopes, and dealing with -authentication details built-in. - -This package is meant to replace the older -[`npm-registry-client`](https://npm.im/npm-registry-client). - -## Example - -```javascript -const npmFetch = require('npm-registry-fetch') - -console.log( - await npmFetch.json('/-/ping') -) -``` - -## Table of Contents - -* [Installing](#install) -* [Example](#example) -* [Contributing](#contributing) -* [API](#api) - * [`fetch`](#fetch) - * [`fetch.json`](#fetch-json) - * [`fetch` options](#fetch-opts) - -### Install - -`$ npm install npm-registry-fetch` - -### Contributing - -The npm team enthusiastically welcomes contributions and project participation! -There's a bunch of things you can do if you want to contribute! The [Contributor -Guide](CONTRIBUTING.md) has all the information you need for everything from -reporting bugs to contributing entire new features. Please don't hesitate to -jump in if you'd like to, or even ask us questions if something isn't clear. - -All participants and maintainers in this project are expected to follow [Code of -Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. - -Please refer to the [Changelog](CHANGELOG.md) for project history details, too. - -Happy hacking! - -### API - -#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` - -Performs a request to a given URL. - -The URL can be either a full URL, or a path to one. The appropriate registry -will be automatically picked if only a URL path is given. - -For available options, please see the section on [`fetch` options](#fetch-opts). - -##### Example - -```javascript -const res = await fetch('/-/ping') -console.log(res.headers) -res.on('data', d => console.log(d.toString('utf8'))) -``` - -#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` - -Performs a request to a given registry URL, parses the body of the response as -JSON, and returns it as its final value. This is a utility shorthand for -`fetch(url).then(res => res.json())`. - -For available options, please see the section on [`fetch` options](#fetch-opts). - -##### Example - -```javascript -const res = await fetch.json('/-/ping') -console.log(res) // Body parsed as JSON -``` - -#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` - -Performs a request to a given registry URL and parses the body of the response -as JSON, with each entry being emitted through the stream. - -The `jsonPath` argument is a [`JSONStream.parse()` -path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the -returned stream (unlike default `JSONStream`s), has a valid -`Symbol.asyncIterator` implementation. - -For available options, please see the section on [`fetch` options](#fetch-opts). - -##### Example - -```javascript -console.log('https://npm.im/~zkat has access to the following packages:') -for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { - console.log(`https://npm.im/${key} (perms: ${value})`) -} -``` - -#### <a name="fetch-opts"></a> `fetch` Options - -Fetch options are optional, and can be passed in as either a Map-like object -(one with a `.get()` method), a plain javascript object, or a -[`figgy-pudding`](https://npm.im/figgy-pudding) instance. - -##### <a name="opts-agent"></a> `opts.agent` - -* Type: http.Agent -* Default: an appropriate agent based on URL protocol and proxy settings - -An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to -be shared across requests. This allows multiple concurrent `fetch` requests to -happen on the same socket. - -You do _not_ need to provide this option unless you want something particularly -specialized, since proxy configurations and http/https agents are already -automatically managed internally when this option is not passed through. - -##### <a name="opts-body"></a> `opts.body` - -* Type: Buffer | Stream | Object -* Default: null - -Request body to send through the outgoing request. Buffers and Streams will be -passed through as-is, with a default `content-type` of -`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed -and the `content-type` will default to `application/json`. - -Use [`opts.headers`](#opts-headers) to set the content-type to something else. - -##### <a name="opts-ca"></a> `opts.ca` - -* Type: String, Array, or null -* Default: null - -The Certificate Authority signing certificate that is trusted for SSL -connections to the registry. Values should be in PEM format (Windows calls it -"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For -example: - -``` -{ - ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' -} -``` - -Set to `null` to only allow "known" registrars, or to a specific CA cert -to trust only that specific signing authority. - -Multiple CAs can be trusted by specifying an array of certificates instead of a -single string. - -See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and -[`opts.key`](#opts-key) - -##### <a name="opts-cache"></a> `opts.cache` - -* Type: path -* Default: null - -The location of the http cache directory. If provided, certain cachable requests -will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) -rules. This will speed up future requests, as well as make the cached data -available offline if necessary/requested. - -See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), -and [`prefer-online`](#opts-prefer-online). - -##### <a name="opts-cert"></a> `opts.cert` - -* Type: String -* Default: null - -A client certificate to pass when accessing the registry. Values should be in -PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines -replaced by the string `'\n'`. For example: - -``` -{ - cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' -} -``` - -It is _not_ the path to a certificate file (and there is no "certfile" option). - -See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) - -##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` - -* Type: Number -* Default: 2 - -The "retries" config for [`retry`](https://npm.im/retry) to use when fetching -packages from the registry. - -See also [`opts.retry`](#opts-retry) to provide all retry options as a single -object. - -##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` - -* Type: Number -* Default: 10 - -The "factor" config for [`retry`](https://npm.im/retry) to use when fetching -packages. - -See also [`opts.retry`](#opts-retry) to provide all retry options as a single -object. - -##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` - -* Type: Number -* Default: 10000 (10 seconds) - -The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching -packages. - -See also [`opts.retry`](#opts-retry) to provide all retry options as a single -object. - -##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` - -* Type: Number -* Default: 60000 (1 minute) - -The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching -packages. - -See also [`opts.retry`](#opts-retry) to provide all retry options as a single -object. - -##### <a name="opts-force-auth"></a> `opts.force-auth` - -* Alias: `opts.forceAuth` -* Type: Object -* Default: null - -If present, other auth-related values in `opts` will be completely ignored, -including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, -and the auth details in `opts.forceAuth` will be used instead. - -##### <a name="opts-gzip"></a> `opts.gzip` - -* Type: Boolean -* Default: false - -If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` -and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode -[`opts.body`](#opts-body). - -##### <a name="opts-headers"></a> `opts.headers` - -* Type: Object -* Default: null - -Additional headers for the outgoing request. This option can also be used to -override headers automatically generated by `npm-registry-fetch`, such as -`Content-Type`. - -##### <a name="opts-ignore-body"></a> `opts.ignore-body` - -* Alias: `opts.ignoreBody` -* Type: Boolean -* Default: false - -If true, the **response body** will be thrown away and `res.body` set to `null`. -This will prevent dangling response sockets for requests where you don't usually -care what the response body is. - -##### <a name="opts-integrity"></a> `opts.integrity` - -* Type: String | [SRI object](https://npm.im/ssri) -* Default: null - -If provided, the response body's will be verified against this integrity string, -using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will -complete as normal. If verification fails, the response body will error with an -`EINTEGRITY` error. - -Body integrity is only verified if the body is actually consumed to completion -- -that is, if you use `res.json()`/`res.buffer()`, or if you consume the default -`res` stream data to its end. - -Cached data will have its integrity automatically verified using the -previously-generated integrity hash for the saved request information, so -`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if -`opts.integrity` is not passed in. - -##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` - -* Alias: `opts.isFromCI` -* Type: Boolean -* Default: Based on environment variables - -This is used to populate the `npm-in-ci` request header sent to the registry. - -##### <a name="opts-key"></a> `opts.key` - -* Type: String -* Default: null - -A client key to pass when accessing the registry. Values should be in PEM -format with newlines replaced by the string `'\n'`. For example: - -``` -{ - key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' -} -``` - -It is _not_ the path to a key file (and there is no "keyfile" option). - -See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) - -##### <a name="opts-local-address"></a> `opts.local-address` - -* Type: IP Address String -* Default: null - -The IP address of the local interface to use when making connections -to the registry. - -See also [`opts.proxy`](#opts-proxy) - -##### <a name="opts-log"></a> `opts.log` - -* Type: [`npmlog`](https://npm.im/npmlog)-like -* Default: null - -Logger object to use for logging operation details. Must have the same methods -as `npmlog`. - -##### <a name="opts-map-json"></a> `opts.map-json` - -* Alias: `mapJson`, `mapJSON` -* Type: Function -* Default: undefined - -When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down -to [`JSONStream`](https://npm.im/JSONStream) as the second argument to -`JSONStream.parse`, and can be used to transform stream data before output. - -##### <a name="opts-maxsockets"></a> `opts.maxsockets` - -* Alias: `opts.max-sockets` -* Type: Integer -* Default: 12 - -Maximum number of sockets to keep open during requests. Has no effect if -[`opts.agent`](#opts-agent) is used. - -##### <a name="opts-method"></a> `opts.method` - -* Type: String -* Default: 'GET' - -HTTP method to use for the outgoing request. Case-insensitive. - -##### <a name="opts-noproxy"></a> `opts.noproxy` - -* Type: Boolean -* Default: process.env.NOPROXY - -If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. - -##### <a name="opts-npm-session"></a> `opts.npm-session` - -* Alias: `opts.npmSession` -* Type: String -* Default: null - -If provided, will be sent in the `npm-session` header. This header is used by -the npm registry to identify individual user sessions (usually individual -invocations of the CLI). - -##### <a name="opts-offline"></a> `opts.offline` - -* Type: Boolean -* Default: false - -Force offline mode: no network requests will be done during install. To allow -`npm-registry-fetch` to fill in missing cache data, see -[`opts.prefer-offline`](#opts-prefer-offline). - -This option is only really useful if you're also using -[`opts.cache`](#opts-cache). - -##### <a name="opts-otp"></a> `opts.otp` - -* Type: Number | String -* Default: null - -This is a one-time password from a two-factor authenticator. It is required for -certain registry interactions when two-factor auth is enabled for a user -account. - -##### <a name="opts-password"></a> `opts.password` - -* Alias: _password -* Type: String -* Default: null - -Password used for basic authentication. For the more modern authentication -method, please use the (more secure) [`opts.token`](#opts-token) - -Can optionally be scoped to a registry by using a "nerf dart" for that registry. -That is: - -``` -{ - '//registry.npmjs.org/:password': 't0k3nH34r' -} -``` - -See also [`opts.username`](#opts-username) - -##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` - -* Type: Boolean -* Default: false - -If true, staleness checks for cached data will be bypassed, but missing data -will be requested from the server. To force full offline mode, use -[`opts.offline`](#opts-offline). - -This option is generally only useful if you're also using -[`opts.cache`](#opts-cache). - -##### <a name="opts-prefer-online"></a> `opts.prefer-online` - -* Type: Boolean -* Default: false - -If true, staleness checks for cached data will be forced, making the CLI look -for updates immediately even for fresh package data. - -This option is generally only useful if you're also using -[`opts.cache`](#opts-cache). - - -##### <a name="opts-project-scope"></a> `opts.project-scope` - -* Alias: `opts.projectScope` -* Type: String -* Default: null - -If provided, will be sent in the `npm-scope` header. This header is used by the -npm registry to identify the toplevel package scope that a particular project -installation is using. - -##### <a name="opts-proxy"></a> `opts.proxy` - -* Type: url -* Default: null - -A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` -environment variable will be used. - -##### <a name="opts-query"></a> `opts.query` - -* Type: String | Object -* Default: null - -If provided, the request URI will have a query string appended to it using this -query. If `opts.query` is an object, it will be converted to a query string -using -[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). - -If the request URI already has a query string, it will be merged with -`opts.query`, preferring `opts.query` values. - -##### <a name="opts-refer"></a> `opts.refer` - -* Alias: `opts.referer` -* Type: String -* Default: null - -Value to use for the `Referer` header. The npm CLI itself uses this to serialize -the npm command line using the given request. - -##### <a name="opts-registry"></a> `opts.registry` - -* Type: URL -* Default: `'https://registry.npmjs.org'` - -Registry configuration for a request. If a request URL only includes the URL -path, this registry setting will be prepended. This configuration is also used -to determine authentication details, so even if the request URL references a -completely different host, `opts.registry` will be used to find the auth details -for that request. - -See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and -[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual -registry URL used by the outgoing request. - -##### <a name="opts-retry"></a> `opts.retry` - -* Type: Object -* Default: null - -Single-object configuration for request retry settings. If passed in, will -override individually-passed `fetch-retry-*` settings. - -##### <a name="opts-scope"></a> `opts.scope` - -* Type: String -* Default: null - -Associate an operation with a scope for a scoped registry. This option can force -lookup of scope-specific registries and authentication. - -See also [`opts.<scope>:registry`](#opts-scope-registry) and -[`opts.spec`](#opts-spec) for interactions with this option. - -##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` - -* Type: String -* Default: null - -This option type can be used to configure the registry used for requests -involving a particular scope. For example, `opts['@myscope:registry'] = -'https://scope-specific.registry/'` will make it so requests go out to this -registry instead of [`opts.registry`](#opts-registry) when -[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a -scoped package spec. - -The `@` before the scope name is optional, but recommended. - -##### <a name="opts-spec"></a> `opts.spec` - -* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. -* Default: null - -If provided, can be used to automatically configure [`opts.scope`](#opts-scope) -based on a specific package name. Non-registry package specs will throw an -error. - -##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` - -* Type: Boolean -* Default: true - -Whether or not to do SSL key validation when making requests to the -registry via https. - -See also [`opts.ca`](#opts-ca). - -##### <a name="opts-timeout"></a> `opts.timeout` - -* Type: Milliseconds -* Default: 30000 (30 seconds) - -Time before a hanging request times out. - -##### <a name="opts-token"></a> `opts.token` - -* Alias: `opts._authToken` -* Type: String -* Default: null - -Authentication token string. - -Can be scoped to a registry by using a "nerf dart" for that registry. That is: - -``` -{ - '//registry.npmjs.org/:token': 't0k3nH34r' -} -``` - -##### <a name="opts-user-agent"></a> `opts.user-agent` - -* Type: String -* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` - -User agent string to send in the `User-Agent` header. - -##### <a name="opts-username"></a> `opts.username` - -* Type: String -* Default: null - -Username used for basic authentication. For the more modern authentication -method, please use the (more secure) [`opts.token`](#opts-token) - -Can optionally be scoped to a registry by using a "nerf dart" for that registry. -That is: - -``` -{ - '//registry.npmjs.org/:username': 't0k3nH34r' -} -``` - -See also [`opts.password`](#opts-password) - -##### <a name="opts-auth"></a> `opts._auth` - -* Type: String -* Default: null - -** DEPRECATED ** This is a legacy authentication token supported only for -*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js deleted file mode 100644 index d583982d0..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js +++ /dev/null @@ -1,57 +0,0 @@ -'use strict' - -const config = require('./config.js') -const url = require('url') - -module.exports = getAuth -function getAuth (registry, opts) { - if (!registry) { throw new Error('registry is required') } - opts = config(opts) - let AUTH = {} - const regKey = registry && registryKey(registry) - if (opts.forceAuth) { - opts = opts.forceAuth - } - const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) - doKey('token') - doKey('_authToken', 'token') - doKey('username') - doKey('password') - doKey('_password', 'password') - doKey('email') - doKey('_auth') - doKey('otp') - doKey('always-auth', 'alwaysAuth') - if (AUTH.password) { - AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') - } - if (AUTH._auth && !(AUTH.username && AUTH.password)) { - let auth = Buffer.from(AUTH._auth, 'base64').toString() - auth = auth.split(':') - AUTH.username = auth.shift() - AUTH.password = auth.join(':') - } - AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth - return AUTH -} - -function addKey (opts, obj, scope, key, objKey) { - if (opts[key]) { - obj[objKey || key] = opts[key] - } - if (scope && opts[`${scope}:${key}`]) { - obj[objKey || key] = opts[`${scope}:${key}`] - } -} - -// Called a nerf dart in the main codebase. Used as a "safe" -// key when fetching registry info from config. -function registryKey (registry) { - const parsed = url.parse(registry) - const formatted = url.format({ - host: parsed.host, - pathname: parsed.pathname, - slashes: parsed.slashes - }) - return url.resolve(formatted, '.') -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js deleted file mode 100644 index 14058239b..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js +++ /dev/null @@ -1,109 +0,0 @@ -'use strict' - -const config = require('./config.js') -const errors = require('./errors.js') -const LRU = require('lru-cache') - -module.exports = checkResponse -function checkResponse (method, res, registry, startTime, opts) { - opts = config(opts) - if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { - opts.log.notice('', res.headers.get('npm-notice')) - } - checkWarnings(res, registry, opts) - if (res.status >= 400) { - logRequest(method, res, startTime, opts) - return checkErrors(method, res, startTime, opts) - } else { - res.body.on('end', () => logRequest(method, res, startTime, opts)) - if (opts.ignoreBody) { - res.body.resume() - res.body = null - } - return res - } -} - -function logRequest (method, res, startTime, opts) { - const elapsedTime = Date.now() - startTime - const attempt = res.headers.get('x-fetch-attempts') - const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' - const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' - opts.log.http( - 'fetch', - `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` - ) -} - -const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ -const BAD_HOSTS = new LRU({ max: 50 }) - -function checkWarnings (res, registry, opts) { - if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { - const warnings = {} - res.headers.raw()['warning'].forEach(w => { - const match = w.match(WARNING_REGEXP) - if (match) { - warnings[match[1]] = { - code: match[1], - host: match[2], - message: match[3], - date: new Date(match[4]) - } - } - }) - BAD_HOSTS.set(registry, true) - if (warnings['199']) { - if (warnings['199'].message.match(/ENOTFOUND/)) { - opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) - } else { - opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) - } - } - if (warnings['111']) { - // 111 Revalidation failed -- we're using stale data - opts.log.warn( - 'registry', - `Using stale data from ${registry} due to a request error during revalidation.` - ) - } - } -} - -function checkErrors (method, res, startTime, opts) { - return res.buffer() - .catch(() => null) - .then(body => { - let parsed = body - try { - parsed = JSON.parse(body.toString('utf8')) - } catch (e) {} - if (res.status === 401 && res.headers.get('www-authenticate')) { - const auth = res.headers.get('www-authenticate') - .split(/,\s*/) - .map(s => s.toLowerCase()) - if (auth.indexOf('ipaddress') !== -1) { - throw new errors.HttpErrorAuthIPAddress( - method, res, parsed, opts.spec - ) - } else if (auth.indexOf('otp') !== -1) { - throw new errors.HttpErrorAuthOTP( - method, res, parsed, opts.spec - ) - } else { - throw new errors.HttpErrorAuthUnknown( - method, res, parsed, opts.spec - ) - } - } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { - // Heuristic for malformed OTP responses that don't include the www-authenticate header. - throw new errors.HttpErrorAuthOTP( - method, res, parsed, opts.spec - ) - } else { - throw new errors.HttpErrorGeneral( - method, res, parsed, opts.spec - ) - } - }) -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js deleted file mode 100644 index 1c43b26ea..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js +++ /dev/null @@ -1,96 +0,0 @@ -'use strict' - -const pkg = require('./package.json') -const figgyPudding = require('figgy-pudding') -const silentLog = require('./silentlog.js') - -const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ -const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi -module.exports = figgyPudding({ - 'agent': {}, - 'algorithms': {}, - 'body': {}, - 'ca': {}, - 'cache': {}, - 'cert': {}, - 'fetch-retries': {}, - 'fetch-retry-factor': {}, - 'fetch-retry-maxtimeout': {}, - 'fetch-retry-mintimeout': {}, - 'force-auth': {}, - forceAuth: 'force-auth', - 'gzip': {}, - 'headers': {}, - 'https-proxy': {}, - 'ignore-body': {}, - ignoreBody: 'ignore-body', - 'integrity': {}, - 'is-from-ci': 'isFromCI', - 'isFromCI': { - default () { - return ( - process.env['CI'] === 'true' || - process.env['TDDIUM'] || - process.env['JENKINS_URL'] || - process.env['bamboo.buildKey'] || - process.env['GO_PIPELINE_NAME'] - ) - } - }, - 'key': {}, - 'local-address': {}, - 'log': { - default: silentLog - }, - 'map-json': 'mapJson', - 'mapJSON': 'mapJson', - 'mapJson': {}, - 'max-sockets': 'maxsockets', - 'maxsockets': { - default: 12 - }, - 'memoize': {}, - 'method': { - default: 'GET' - }, - 'no-proxy': {}, - 'noproxy': {}, - 'npm-session': 'npmSession', - 'npmSession': {}, - 'offline': {}, - 'otp': {}, - 'prefer-offline': {}, - 'prefer-online': {}, - 'projectScope': {}, - 'project-scope': 'projectScope', - 'Promise': {default: () => Promise}, - 'proxy': {}, - 'query': {}, - 'refer': {}, - 'referer': 'refer', - 'registry': { - default: 'https://registry.npmjs.org/' - }, - 'retry': {}, - 'scope': {}, - 'spec': {}, - 'strict-ssl': {}, - 'timeout': {}, - 'user-agent': { - default: `${ - pkg.name - }@${ - pkg.version - }/node@${ - process.version - }+${ - process.arch - } (${ - process.platform - })` - } -}, { - other (key) { - return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) - } -}) diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js deleted file mode 100644 index ba78735fc..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js +++ /dev/null @@ -1,79 +0,0 @@ -'use strict' - -const url = require('url') - -function packageName (href) { - try { - let basePath = url.parse(href).pathname.substr(1) - if (!basePath.match(/^-/)) { - basePath = basePath.split('/') - var index = basePath.indexOf('_rewrite') - if (index === -1) { - index = basePath.length - 1 - } else { - index++ - } - return decodeURIComponent(basePath[index]) - } - } catch (_) { - // this is ok - } -} - -class HttpErrorBase extends Error { - constructor (method, res, body, spec) { - super() - this.headers = res.headers.raw() - this.statusCode = res.status - this.code = `E${res.status}` - this.method = method - this.uri = res.url - this.body = body - this.pkgid = spec ? spec.toString() : packageName(res.url) - } -} -module.exports.HttpErrorBase = HttpErrorBase - -class HttpErrorGeneral extends HttpErrorBase { - constructor (method, res, body, spec) { - super(method, res, body, spec) - this.message = `${res.status} ${res.statusText} - ${ - this.method.toUpperCase() - } ${ - this.spec || this.uri - }${ - (body && body.error) ? ' - ' + body.error : '' - }` - Error.captureStackTrace(this, HttpErrorGeneral) - } -} -module.exports.HttpErrorGeneral = HttpErrorGeneral - -class HttpErrorAuthOTP extends HttpErrorBase { - constructor (method, res, body, spec) { - super(method, res, body, spec) - this.message = 'OTP required for authentication' - this.code = 'EOTP' - Error.captureStackTrace(this, HttpErrorAuthOTP) - } -} -module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP - -class HttpErrorAuthIPAddress extends HttpErrorBase { - constructor (method, res, body, spec) { - super(method, res, body, spec) - this.message = 'Login is not allowed from your IP address' - this.code = 'EAUTHIP' - Error.captureStackTrace(this, HttpErrorAuthIPAddress) - } -} -module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress - -class HttpErrorAuthUnknown extends HttpErrorBase { - constructor (method, res, body, spec) { - super(method, res, body, spec) - this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') - Error.captureStackTrace(this, HttpErrorAuthUnknown) - } -} -module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js deleted file mode 100644 index c18487388..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js +++ /dev/null @@ -1,191 +0,0 @@ -'use strict' - -const Buffer = require('safe-buffer').Buffer - -const checkResponse = require('./check-response.js') -const config = require('./config.js') -const getAuth = require('./auth.js') -const fetch = require('make-fetch-happen') -const JSONStream = require('JSONStream') -const npa = require('npm-package-arg') -const {PassThrough} = require('stream') -const qs = require('querystring') -const url = require('url') -const zlib = require('zlib') - -module.exports = regFetch -function regFetch (uri, opts) { - opts = config(opts) - const registry = ( - (opts.spec && pickRegistry(opts.spec, opts)) || - opts.registry || - 'https://registry.npmjs.org/' - ) - uri = url.parse(uri).protocol - ? uri - : `${ - registry.trim().replace(/\/?$/g, '') - }/${ - uri.trim().replace(/^\//, '') - }` - // through that takes into account the scope, the prefix of `uri`, etc - const startTime = Date.now() - const headers = getHeaders(registry, uri, opts) - let body = opts.body - const bodyIsStream = body && - typeof body === 'object' && - typeof body.pipe === 'function' - if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { - headers['content-type'] = headers['content-type'] || 'application/json' - body = JSON.stringify(body) - } else if (body && !headers['content-type']) { - headers['content-type'] = 'application/octet-stream' - } - if (opts.gzip) { - headers['content-encoding'] = 'gzip' - if (bodyIsStream) { - const gz = zlib.createGzip() - body.on('error', err => gz.emit('error', err)) - body = body.pipe(gz) - } else { - body = new opts.Promise((resolve, reject) => { - zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) - }) - } - } - if (opts.query) { - let q = opts.query - if (typeof q === 'string') { - q = qs.parse(q) - } - Object.keys(q).forEach(key => { - if (q[key] === undefined) { - delete q[key] - } - }) - if (Object.keys(q).length) { - const parsed = url.parse(uri) - parsed.search = '?' + qs.stringify( - parsed.query - ? Object.assign(qs.parse(parsed.query), q) - : q - ) - uri = url.format(parsed) - } - } - return opts.Promise.resolve(body).then(body => fetch(uri, { - agent: opts.agent, - algorithms: opts.algorithms, - body, - cache: getCacheMode(opts), - cacheManager: opts.cache, - ca: opts.ca, - cert: opts.cert, - headers, - integrity: opts.integrity, - key: opts.key, - localAddress: opts['local-address'], - maxSockets: opts.maxsockets, - memoize: opts.memoize, - method: opts.method || 'GET', - noProxy: opts['no-proxy'] || opts.noproxy, - Promise: opts.Promise, - proxy: opts['https-proxy'] || opts.proxy, - referer: opts.refer, - retry: opts.retry != null ? opts.retry : { - retries: opts['fetch-retries'], - factor: opts['fetch-retry-factor'], - minTimeout: opts['fetch-retry-mintimeout'], - maxTimeout: opts['fetch-retry-maxtimeout'] - }, - strictSSL: !!opts['strict-ssl'], - timeout: opts.timeout - }).then(res => checkResponse( - opts.method || 'GET', res, registry, startTime, opts - ))) -} - -module.exports.json = fetchJSON -function fetchJSON (uri, opts) { - return regFetch(uri, opts).then(res => res.json()) -} - -module.exports.json.stream = fetchJSONStream -function fetchJSONStream (uri, jsonPath, opts) { - opts = config(opts) - const parser = JSONStream.parse(jsonPath, opts.mapJson) - const pt = parser.pipe(new PassThrough({objectMode: true})) - parser.on('error', err => pt.emit('error', err)) - regFetch(uri, opts).then(res => { - res.body.on('error', err => parser.emit('error', err)) - res.body.pipe(parser) - }, err => pt.emit('error', err)) - return pt -} - -module.exports.pickRegistry = pickRegistry -function pickRegistry (spec, opts) { - spec = npa(spec) - opts = config(opts) - let registry = spec.scope && - opts[spec.scope.replace(/^@?/, '@') + ':registry'] - - if (!registry && opts.scope) { - registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] - } - - if (!registry) { - registry = opts.registry || 'https://registry.npmjs.org/' - } - - return registry -} - -function getCacheMode (opts) { - return opts.offline - ? 'only-if-cached' - : opts['prefer-offline'] - ? 'force-cache' - : opts['prefer-online'] - ? 'no-cache' - : 'default' -} - -function getHeaders (registry, uri, opts) { - const headers = Object.assign({ - 'npm-in-ci': !!( - opts['is-from-ci'] || - process.env['CI'] === 'true' || - process.env['TDDIUM'] || - process.env['JENKINS_URL'] || - process.env['bamboo.buildKey'] || - process.env['GO_PIPELINE_NAME'] - ), - 'npm-scope': opts['project-scope'], - 'npm-session': opts['npm-session'], - 'user-agent': opts['user-agent'], - 'referer': opts.refer - }, opts.headers) - - const auth = getAuth(registry, opts) - // If a tarball is hosted on a different place than the manifest, only send - // credentials on `alwaysAuth` - const shouldAuth = ( - auth.alwaysAuth || - url.parse(uri).host === url.parse(registry).host - ) - if (shouldAuth && auth.token) { - headers.authorization = `Bearer ${auth.token}` - } else if (shouldAuth && auth.username && auth.password) { - const encoded = Buffer.from( - `${auth.username}:${auth.password}`, 'utf8' - ).toString('base64') - headers.authorization = `Basic ${encoded}` - } else if (shouldAuth && auth._auth) { - headers.authorization = `Basic ${auth._auth}` - } - if (shouldAuth && auth.otp) { - headers['npm-otp'] = auth.otp - } - return headers -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/CHANGELOG.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/CHANGELOG.md deleted file mode 100644 index 1b3431acc..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/CHANGELOG.md +++ /dev/null @@ -1,26 +0,0 @@ -# Change Log - -All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. - -<a name="6.1.1"></a> -## [6.1.1](https://github.com/npm/npm-package-arg/compare/v6.1.0...v6.1.1) (2019-08-21) - - -### Bug Fixes - -* preserve drive letter on windows git file:// urls ([3909203](https://github.com/npm/npm-package-arg/commit/3909203)) - - - -<a name="6.1.0"></a> -# [6.1.0](https://github.com/npm/npm-package-arg/compare/v6.0.0...v6.1.0) (2018-04-10) - - -### Bug Fixes - -* **git:** Fix gitRange for git+ssh for private git ([#33](https://github.com/npm/npm-package-arg/issues/33)) ([647a0b3](https://github.com/npm/npm-package-arg/commit/647a0b3)) - - -### Features - -* **alias:** add `npm:` registry alias spec ([#34](https://github.com/npm/npm-package-arg/issues/34)) ([ab99f8e](https://github.com/npm/npm-package-arg/commit/ab99f8e)) diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/LICENSE b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/LICENSE deleted file mode 100644 index 05eeeb88c..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/LICENSE +++ /dev/null @@ -1,15 +0,0 @@ -The ISC License - -Copyright (c) Isaac Z. Schlueter - -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR -IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/README.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/README.md deleted file mode 100644 index 847341b21..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/README.md +++ /dev/null @@ -1,83 +0,0 @@ -# npm-package-arg - -[](https://travis-ci.org/npm/npm-package-arg) - -Parses package name and specifier passed to commands like `npm install` or -`npm cache add`, or as found in `package.json` dependency sections. - -## EXAMPLES - -```javascript -var assert = require("assert") -var npa = require("npm-package-arg") - -// Pass in the descriptor, and it'll return an object -try { - var parsed = npa("@bar/foo@1.2") -} catch (ex) { - … -} -``` - -## USING - -`var npa = require('npm-package-arg')` - -### var result = npa(*arg*[, *where*]) - -* *arg* - a string that you might pass to `npm install`, like: -`foo@1.2`, `@bar/foo@1.2`, `foo@user/foo`, `http://x.com/foo.tgz`, -`git+https://github.com/user/foo`, `bitbucket:user/foo`, `foo.tar.gz`, -`../foo/bar/` or `bar`. If the *arg* you provide doesn't have a specifier -part, eg `foo` then the specifier will default to `latest`. -* *where* - Optionally the path to resolve file paths relative to. Defaults to `process.cwd()` - -**Throws** if the package name is invalid, a dist-tag is invalid or a URL's protocol is not supported. - -### var result = npa.resolve(*name*, *spec*[, *where*]) - -* *name* - The name of the module you want to install. For example: `foo` or `@bar/foo`. -* *spec* - The specifier indicating where and how you can get this module. Something like: -`1.2`, `^1.7.17`, `http://x.com/foo.tgz`, `git+https://github.com/user/foo`, -`bitbucket:user/foo`, `file:foo.tar.gz` or `file:../foo/bar/`. If not -included then the default is `latest`. -* *where* - Optionally the path to resolve file paths relative to. Defaults to `process.cwd()` - -**Throws** if the package name is invalid, a dist-tag is invalid or a URL's protocol is not supported. - -## RESULT OBJECT - -The objects that are returned by npm-package-arg contain the following -keys: - -* `type` - One of the following strings: - * `git` - A git repo - * `tag` - A tagged version, like `"foo@latest"` - * `version` - A specific version number, like `"foo@1.2.3"` - * `range` - A version range, like `"foo@2.x"` - * `file` - A local `.tar.gz`, `.tar` or `.tgz` file. - * `directory` - A local directory. - * `remote` - An http url (presumably to a tgz) -* `registry` - If true this specifier refers to a resource hosted on a - registry. This is true for `tag`, `version` and `range` types. -* `name` - If known, the `name` field expected in the resulting pkg. -* `scope` - If a name is something like `@org/module` then the `scope` - field will be set to `@org`. If it doesn't have a scoped name, then - scope is `null`. -* `escapedName` - A version of `name` escaped to match the npm scoped packages - specification. Mostly used when making requests against a registry. When - `name` is `null`, `escapedName` will also be `null`. -* `rawSpec` - The specifier part that was parsed out in calls to `npa(arg)`, - or the value of `spec` in calls to `npa.resolve(name, spec). -* `saveSpec` - The normalized specifier, for saving to package.json files. - `null` for registry dependencies. -* `fetchSpec` - The version of the specifier to be used to fetch this - resource. `null` for shortcuts to hosted git dependencies as there isn't - just one URL to try with them. -* `gitRange` - If set, this is a semver specifier to match against git tags with -* `gitCommittish` - If set, this is the specific committish to use with a git dependency. -* `hosted` - If `from === 'hosted'` then this will be a `hosted-git-info` - object. This property is not included when serializing the object as - JSON. -* `raw` - The original un-modified string that was provided. If called as - `npa.resolve(name, spec)` then this will be `name + '@' + spec`. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/.bin/semver b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/.bin/semver deleted file mode 120000 index 317eb293d..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/.bin/semver +++ /dev/null @@ -1 +0,0 @@ -../semver/bin/semver
\ No newline at end of file diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/CHANGELOG.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/CHANGELOG.md deleted file mode 100644 index 479f24b64..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/CHANGELOG.md +++ /dev/null @@ -1,115 +0,0 @@ -# Change Log - -All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. - -<a name="2.8.5"></a> -## [2.8.5](https://github.com/npm/hosted-git-info/compare/v2.8.4...v2.8.5) (2019-10-07) - - -### Bug Fixes - -* updated pathmatch for gitlab ([e8325b5](https://github.com/npm/hosted-git-info/commit/e8325b5)), closes [#51](https://github.com/npm/hosted-git-info/issues/51) -* updated pathmatch for gitlab ([ffe056f](https://github.com/npm/hosted-git-info/commit/ffe056f)) - - - -<a name="2.8.4"></a> -## [2.8.4](https://github.com/npm/hosted-git-info/compare/v2.8.3...v2.8.4) (2019-08-12) - - - -<a name="2.8.3"></a> -## [2.8.3](https://github.com/npm/hosted-git-info/compare/v2.8.2...v2.8.3) (2019-08-12) - - - -<a name="2.8.2"></a> -## [2.8.2](https://github.com/npm/hosted-git-info/compare/v2.8.1...v2.8.2) (2019-08-05) - - -### Bug Fixes - -* http protocol use sshurl by default ([3b1d629](https://github.com/npm/hosted-git-info/commit/3b1d629)), closes [#48](https://github.com/npm/hosted-git-info/issues/48) - - - -<a name="2.8.1"></a> -## [2.8.1](https://github.com/npm/hosted-git-info/compare/v2.8.0...v2.8.1) (2019-08-05) - - -### Bug Fixes - -* ignore noCommittish on tarball url generation ([5d4a8d7](https://github.com/npm/hosted-git-info/commit/5d4a8d7)) -* use gist tarball url that works for anonymous gists ([1692435](https://github.com/npm/hosted-git-info/commit/1692435)) - - - -<a name="2.8.0"></a> -# [2.8.0](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.0) (2019-08-05) - - -### Bug Fixes - -* Allow slashes in gitlab project section ([bbcf7b2](https://github.com/npm/hosted-git-info/commit/bbcf7b2)), closes [#46](https://github.com/npm/hosted-git-info/issues/46) [#43](https://github.com/npm/hosted-git-info/issues/43) -* **git-host:** disallow URI-encoded slash (%2F) in `path` ([3776fa5](https://github.com/npm/hosted-git-info/commit/3776fa5)), closes [#44](https://github.com/npm/hosted-git-info/issues/44) -* **gitlab:** Do not URL encode slashes in project name for GitLab https URL ([cbf04f9](https://github.com/npm/hosted-git-info/commit/cbf04f9)), closes [#47](https://github.com/npm/hosted-git-info/issues/47) -* do not allow invalid gist urls ([d5cf830](https://github.com/npm/hosted-git-info/commit/d5cf830)) -* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([e518222](https://github.com/npm/hosted-git-info/commit/e518222)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) - - -### Features - -* give these objects a name ([60abaea](https://github.com/npm/hosted-git-info/commit/60abaea)) - - - -<a name="2.7.1"></a> -## [2.7.1](https://github.com/npm/hosted-git-info/compare/v2.7.0...v2.7.1) (2018-07-07) - - -### Bug Fixes - -* **index:** Guard against non-string types ([5bc580d](https://github.com/npm/hosted-git-info/commit/5bc580d)) -* **parse:** Crash on strings that parse to having no host ([c931482](https://github.com/npm/hosted-git-info/commit/c931482)), closes [#35](https://github.com/npm/hosted-git-info/issues/35) - - - -<a name="2.7.0"></a> -# [2.7.0](https://github.com/npm/hosted-git-info/compare/v2.6.1...v2.7.0) (2018-07-06) - - -### Bug Fixes - -* **github tarball:** update github tarballtemplate ([6efd582](https://github.com/npm/hosted-git-info/commit/6efd582)), closes [#34](https://github.com/npm/hosted-git-info/issues/34) -* **gitlab docs:** switched to lowercase anchors for readmes ([701bcd1](https://github.com/npm/hosted-git-info/commit/701bcd1)) - - -### Features - -* **all:** Support www. prefixes on hostnames ([3349575](https://github.com/npm/hosted-git-info/commit/3349575)), closes [#32](https://github.com/npm/hosted-git-info/issues/32) - - - -<a name="2.6.1"></a> -## [2.6.1](https://github.com/npm/hosted-git-info/compare/v2.6.0...v2.6.1) (2018-06-25) - -### Bug Fixes - -* **Revert:** "compat: remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25))" ([cce5a62](https://github.com/npm/hosted-git-info/commit/cce5a62)) -* **Revert:** "git-host: fix forgotten extend()" ([a815ec9](https://github.com/npm/hosted-git-info/commit/a815ec9)) - - - -<a name="2.6.0"></a> -# [2.6.0](https://github.com/npm/hosted-git-info/compare/v2.5.0...v2.6.0) (2018-03-07) - - -### Bug Fixes - -* **compat:** remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25)) ([627ab55](https://github.com/npm/hosted-git-info/commit/627ab55)) -* **git-host:** fix forgotten extend() ([eba1f7b](https://github.com/npm/hosted-git-info/commit/eba1f7b)) - - -### Features - -* **browse:** fragment support for browse() ([#28](https://github.com/npm/hosted-git-info/issues/28)) ([cd5e5bb](https://github.com/npm/hosted-git-info/commit/cd5e5bb)) diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/LICENSE b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/LICENSE deleted file mode 100644 index 45055763d..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright (c) 2015, Rebecca Turner - -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH -REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND -FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, -INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR -OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/README.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/README.md deleted file mode 100644 index 7b723f6b9..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/README.md +++ /dev/null @@ -1,133 +0,0 @@ -# hosted-git-info - -This will let you identify and transform various git hosts URLs between -protocols. It also can tell you what the URL is for the raw path for -particular file for direct access without git. - -## Example - -```javascript -var hostedGitInfo = require("hosted-git-info") -var info = hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git", opts) -/* info looks like: -{ - type: "github", - domain: "github.com", - user: "npm", - project: "hosted-git-info" -} -*/ -``` - -If the URL can't be matched with a git host, `null` will be returned. We -can match git, ssh and https urls. Additionally, we can match ssh connect -strings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg, -`github:npm/hosted-git-info`). Github specifically, is detected in the case -of a third, unprefixed, form: `npm/hosted-git-info`. - -If it does match, the returned object has properties of: - -* info.type -- The short name of the service -* info.domain -- The domain for git protocol use -* info.user -- The name of the user/org on the git host -* info.project -- The name of the project on the git host - -## Version Contract - -The major version will be bumped any time… - -* The constructor stops accepting URLs that it previously accepted. -* A method is removed. -* A method can no longer accept the number and type of arguments it previously accepted. -* A method can return a different type than it currently returns. - -Implications: - -* I do not consider the specific format of the urls returned from, say - `.https()` to be a part of the contract. The contract is that it will - return a string that can be used to fetch the repo via HTTPS. But what - that string looks like, specifically, can change. -* Dropping support for a hosted git provider would constitute a breaking - change. - -## Usage - -### var info = hostedGitInfo.fromUrl(gitSpecifier[, options]) - -* *gitSpecifer* is a URL of a git repository or a SCP-style specifier of one. -* *options* is an optional object. It can have the following properties: - * *noCommittish* — If true then committishes won't be included in generated URLs. - * *noGitPlus* — If true then `git+` won't be prefixed on URLs. - -## Methods - -All of the methods take the same options as the `fromUrl` factory. Options -provided to a method override those provided to the constructor. - -* info.file(path, opts) - -Given the path of a file relative to the repository, returns a URL for -directly fetching it from the githost. If no committish was set then -`master` will be used as the default. - -For example `hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git#v1.0.0").file("package.json")` -would return `https://raw.githubusercontent.com/npm/hosted-git-info/v1.0.0/package.json` - -* info.shortcut(opts) - -eg, `github:npm/hosted-git-info` - -* info.browse(path, fragment, opts) - -eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0`, -`https://github.com/npm/hosted-git-info/tree/v1.2.0/package.json`, -`https://github.com/npm/hosted-git-info/tree/v1.2.0/REAMDE.md#supported-hosts` - -* info.bugs(opts) - -eg, `https://github.com/npm/hosted-git-info/issues` - -* info.docs(opts) - -eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0#readme` - -* info.https(opts) - -eg, `git+https://github.com/npm/hosted-git-info.git` - -* info.sshurl(opts) - -eg, `git+ssh://git@github.com/npm/hosted-git-info.git` - -* info.ssh(opts) - -eg, `git@github.com:npm/hosted-git-info.git` - -* info.path(opts) - -eg, `npm/hosted-git-info` - -* info.tarball(opts) - -eg, `https://github.com/npm/hosted-git-info/archive/v1.2.0.tar.gz` - -* info.getDefaultRepresentation() - -Returns the default output type. The default output type is based on the -string you passed in to be parsed - -* info.toString(opts) - -Uses the getDefaultRepresentation to call one of the other methods to get a URL for -this resource. As such `hostedGitInfo.fromUrl(url).toString()` will give -you a normalized version of the URL that still uses the same protocol. - -Shortcuts will still be returned as shortcuts, but the special case github -form of `org/project` will be normalized to `github:org/project`. - -SSH connect strings will be normalized into `git+ssh` URLs. - -## Supported hosts - -Currently this supports Github, Bitbucket and Gitlab. Pull requests for -additional hosts welcome. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host-info.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host-info.js deleted file mode 100644 index 8147e3348..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host-info.js +++ /dev/null @@ -1,79 +0,0 @@ -'use strict' - -var gitHosts = module.exports = { - github: { - // First two are insecure and generally shouldn't be used any more, but - // they are still supported. - 'protocols': [ 'git', 'http', 'git+ssh', 'git+https', 'ssh', 'https' ], - 'domain': 'github.com', - 'treepath': 'tree', - 'filetemplate': 'https://{auth@}raw.githubusercontent.com/{user}/{project}/{committish}/{path}', - 'bugstemplate': 'https://{domain}/{user}/{project}/issues', - 'gittemplate': 'git://{auth@}{domain}/{user}/{project}.git{#committish}', - 'tarballtemplate': 'https://codeload.{domain}/{user}/{project}/tar.gz/{committish}' - }, - bitbucket: { - 'protocols': [ 'git+ssh', 'git+https', 'ssh', 'https' ], - 'domain': 'bitbucket.org', - 'treepath': 'src', - 'tarballtemplate': 'https://{domain}/{user}/{project}/get/{committish}.tar.gz' - }, - gitlab: { - 'protocols': [ 'git+ssh', 'git+https', 'ssh', 'https' ], - 'domain': 'gitlab.com', - 'treepath': 'tree', - 'bugstemplate': 'https://{domain}/{user}/{project}/issues', - 'httpstemplate': 'git+https://{auth@}{domain}/{user}/{projectPath}.git{#committish}', - 'tarballtemplate': 'https://{domain}/{user}/{project}/repository/archive.tar.gz?ref={committish}', - 'pathmatch': /^[/]([^/]+)[/]((?!.*(\/-\/|\/repository\/archive\.tar\.gz\?=.*|\/repository\/[^/]+\/archive.tar.gz$)).*?)(?:[.]git|[/])?$/ - }, - gist: { - 'protocols': [ 'git', 'git+ssh', 'git+https', 'ssh', 'https' ], - 'domain': 'gist.github.com', - 'pathmatch': /^[/](?:([^/]+)[/])?([a-z0-9]{32,})(?:[.]git)?$/, - 'filetemplate': 'https://gist.githubusercontent.com/{user}/{project}/raw{/committish}/{path}', - 'bugstemplate': 'https://{domain}/{project}', - 'gittemplate': 'git://{domain}/{project}.git{#committish}', - 'sshtemplate': 'git@{domain}:/{project}.git{#committish}', - 'sshurltemplate': 'git+ssh://git@{domain}/{project}.git{#committish}', - 'browsetemplate': 'https://{domain}/{project}{/committish}', - 'browsefiletemplate': 'https://{domain}/{project}{/committish}{#path}', - 'docstemplate': 'https://{domain}/{project}{/committish}', - 'httpstemplate': 'git+https://{domain}/{project}.git{#committish}', - 'shortcuttemplate': '{type}:{project}{#committish}', - 'pathtemplate': '{project}{#committish}', - 'tarballtemplate': 'https://codeload.github.com/gist/{project}/tar.gz/{committish}', - 'hashformat': function (fragment) { - return 'file-' + formatHashFragment(fragment) - } - } -} - -var gitHostDefaults = { - 'sshtemplate': 'git@{domain}:{user}/{project}.git{#committish}', - 'sshurltemplate': 'git+ssh://git@{domain}/{user}/{project}.git{#committish}', - 'browsetemplate': 'https://{domain}/{user}/{project}{/tree/committish}', - 'browsefiletemplate': 'https://{domain}/{user}/{project}/{treepath}/{committish}/{path}{#fragment}', - 'docstemplate': 'https://{domain}/{user}/{project}{/tree/committish}#readme', - 'httpstemplate': 'git+https://{auth@}{domain}/{user}/{project}.git{#committish}', - 'filetemplate': 'https://{domain}/{user}/{project}/raw/{committish}/{path}', - 'shortcuttemplate': '{type}:{user}/{project}{#committish}', - 'pathtemplate': '{user}/{project}{#committish}', - 'pathmatch': /^[/]([^/]+)[/]([^/]+?)(?:[.]git|[/])?$/, - 'hashformat': formatHashFragment -} - -Object.keys(gitHosts).forEach(function (name) { - Object.keys(gitHostDefaults).forEach(function (key) { - if (gitHosts[name][key]) return - gitHosts[name][key] = gitHostDefaults[key] - }) - gitHosts[name].protocols_re = RegExp('^(' + - gitHosts[name].protocols.map(function (protocol) { - return protocol.replace(/([\\+*{}()[\]$^|])/g, '\\$1') - }).join('|') + '):$') -}) - -function formatHashFragment (fragment) { - return fragment.toLowerCase().replace(/^\W+|\/|\W+$/g, '').replace(/\W+/g, '-') -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host.js deleted file mode 100644 index 9616fbaa6..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host.js +++ /dev/null @@ -1,156 +0,0 @@ -'use strict' -var gitHosts = require('./git-host-info.js') -/* eslint-disable node/no-deprecated-api */ - -// copy-pasta util._extend from node's source, to avoid pulling -// the whole util module into peoples' webpack bundles. -/* istanbul ignore next */ -var extend = Object.assign || function _extend (target, source) { - // Don't do anything if source isn't an object - if (source === null || typeof source !== 'object') return target - - var keys = Object.keys(source) - var i = keys.length - while (i--) { - target[keys[i]] = source[keys[i]] - } - return target -} - -module.exports = GitHost -function GitHost (type, user, auth, project, committish, defaultRepresentation, opts) { - var gitHostInfo = this - gitHostInfo.type = type - Object.keys(gitHosts[type]).forEach(function (key) { - gitHostInfo[key] = gitHosts[type][key] - }) - gitHostInfo.user = user - gitHostInfo.auth = auth - gitHostInfo.project = project - gitHostInfo.committish = committish - gitHostInfo.default = defaultRepresentation - gitHostInfo.opts = opts || {} -} - -GitHost.prototype.hash = function () { - return this.committish ? '#' + this.committish : '' -} - -GitHost.prototype._fill = function (template, opts) { - if (!template) return - var vars = extend({}, opts) - vars.path = vars.path ? vars.path.replace(/^[/]+/g, '') : '' - opts = extend(extend({}, this.opts), opts) - var self = this - Object.keys(this).forEach(function (key) { - if (self[key] != null && vars[key] == null) vars[key] = self[key] - }) - var rawAuth = vars.auth - var rawcommittish = vars.committish - var rawFragment = vars.fragment - var rawPath = vars.path - var rawProject = vars.project - Object.keys(vars).forEach(function (key) { - var value = vars[key] - if ((key === 'path' || key === 'project') && typeof value === 'string') { - vars[key] = value.split('/').map(function (pathComponent) { - return encodeURIComponent(pathComponent) - }).join('/') - } else { - vars[key] = encodeURIComponent(value) - } - }) - vars['auth@'] = rawAuth ? rawAuth + '@' : '' - vars['#fragment'] = rawFragment ? '#' + this.hashformat(rawFragment) : '' - vars.fragment = vars.fragment ? vars.fragment : '' - vars['#path'] = rawPath ? '#' + this.hashformat(rawPath) : '' - vars['/path'] = vars.path ? '/' + vars.path : '' - vars.projectPath = rawProject.split('/').map(encodeURIComponent).join('/') - if (opts.noCommittish) { - vars['#committish'] = '' - vars['/tree/committish'] = '' - vars['/committish'] = '' - vars.committish = '' - } else { - vars['#committish'] = rawcommittish ? '#' + rawcommittish : '' - vars['/tree/committish'] = vars.committish - ? '/' + vars.treepath + '/' + vars.committish - : '' - vars['/committish'] = vars.committish ? '/' + vars.committish : '' - vars.committish = vars.committish || 'master' - } - var res = template - Object.keys(vars).forEach(function (key) { - res = res.replace(new RegExp('[{]' + key + '[}]', 'g'), vars[key]) - }) - if (opts.noGitPlus) { - return res.replace(/^git[+]/, '') - } else { - return res - } -} - -GitHost.prototype.ssh = function (opts) { - return this._fill(this.sshtemplate, opts) -} - -GitHost.prototype.sshurl = function (opts) { - return this._fill(this.sshurltemplate, opts) -} - -GitHost.prototype.browse = function (P, F, opts) { - if (typeof P === 'string') { - if (typeof F !== 'string') { - opts = F - F = null - } - return this._fill(this.browsefiletemplate, extend({ - fragment: F, - path: P - }, opts)) - } else { - return this._fill(this.browsetemplate, P) - } -} - -GitHost.prototype.docs = function (opts) { - return this._fill(this.docstemplate, opts) -} - -GitHost.prototype.bugs = function (opts) { - return this._fill(this.bugstemplate, opts) -} - -GitHost.prototype.https = function (opts) { - return this._fill(this.httpstemplate, opts) -} - -GitHost.prototype.git = function (opts) { - return this._fill(this.gittemplate, opts) -} - -GitHost.prototype.shortcut = function (opts) { - return this._fill(this.shortcuttemplate, opts) -} - -GitHost.prototype.path = function (opts) { - return this._fill(this.pathtemplate, opts) -} - -GitHost.prototype.tarball = function (opts_) { - var opts = extend({}, opts_, { noCommittish: false }) - return this._fill(this.tarballtemplate, opts) -} - -GitHost.prototype.file = function (P, opts) { - return this._fill(this.filetemplate, extend({ path: P }, opts)) -} - -GitHost.prototype.getDefaultRepresentation = function () { - return this.default -} - -GitHost.prototype.toString = function (opts) { - if (this.default && typeof this[this.default] === 'function') return this[this.default](opts) - return this.sshurl(opts) -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/index.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/index.js deleted file mode 100644 index fc959cb04..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/index.js +++ /dev/null @@ -1,125 +0,0 @@ -'use strict' -var url = require('url') -var gitHosts = require('./git-host-info.js') -var GitHost = module.exports = require('./git-host.js') - -var protocolToRepresentationMap = { - 'git+ssh:': 'sshurl', - 'git+https:': 'https', - 'ssh:': 'sshurl', - 'git:': 'git' -} - -function protocolToRepresentation (protocol) { - return protocolToRepresentationMap[protocol] || protocol.slice(0, -1) -} - -var authProtocols = { - 'git:': true, - 'https:': true, - 'git+https:': true, - 'http:': true, - 'git+http:': true -} - -var cache = {} - -module.exports.fromUrl = function (giturl, opts) { - if (typeof giturl !== 'string') return - var key = giturl + JSON.stringify(opts || {}) - - if (!(key in cache)) { - cache[key] = fromUrl(giturl, opts) - } - - return cache[key] -} - -function fromUrl (giturl, opts) { - if (giturl == null || giturl === '') return - var url = fixupUnqualifiedGist( - isGitHubShorthand(giturl) ? 'github:' + giturl : giturl - ) - var parsed = parseGitUrl(url) - var shortcutMatch = url.match(new RegExp('^([^:]+):(?:(?:[^@:]+(?:[^@]+)?@)?([^/]*))[/](.+?)(?:[.]git)?($|#)')) - var matches = Object.keys(gitHosts).map(function (gitHostName) { - try { - var gitHostInfo = gitHosts[gitHostName] - var auth = null - if (parsed.auth && authProtocols[parsed.protocol]) { - auth = decodeURIComponent(parsed.auth) - } - var committish = parsed.hash ? decodeURIComponent(parsed.hash.substr(1)) : null - var user = null - var project = null - var defaultRepresentation = null - if (shortcutMatch && shortcutMatch[1] === gitHostName) { - user = shortcutMatch[2] && decodeURIComponent(shortcutMatch[2]) - project = decodeURIComponent(shortcutMatch[3]) - defaultRepresentation = 'shortcut' - } else { - if (parsed.host && parsed.host !== gitHostInfo.domain && parsed.host.replace(/^www[.]/, '') !== gitHostInfo.domain) return - if (!gitHostInfo.protocols_re.test(parsed.protocol)) return - if (!parsed.path) return - var pathmatch = gitHostInfo.pathmatch - var matched = parsed.path.match(pathmatch) - if (!matched) return - /* istanbul ignore else */ - if (matched[1] !== null && matched[1] !== undefined) { - user = decodeURIComponent(matched[1].replace(/^:/, '')) - } - project = decodeURIComponent(matched[2]) - defaultRepresentation = protocolToRepresentation(parsed.protocol) - } - return new GitHost(gitHostName, user, auth, project, committish, defaultRepresentation, opts) - } catch (ex) { - /* istanbul ignore else */ - if (ex instanceof URIError) { - } else throw ex - } - }).filter(function (gitHostInfo) { return gitHostInfo }) - if (matches.length !== 1) return - return matches[0] -} - -function isGitHubShorthand (arg) { - // Note: This does not fully test the git ref format. - // See https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html - // - // The only way to do this properly would be to shell out to - // git-check-ref-format, and as this is a fast sync function, - // we don't want to do that. Just let git fail if it turns - // out that the commit-ish is invalid. - // GH usernames cannot start with . or - - return /^[^:@%/\s.-][^:@%/\s]*[/][^:@\s/%]+(?:#.*)?$/.test(arg) -} - -function fixupUnqualifiedGist (giturl) { - // necessary for round-tripping gists - var parsed = url.parse(giturl) - if (parsed.protocol === 'gist:' && parsed.host && !parsed.path) { - return parsed.protocol + '/' + parsed.host - } else { - return giturl - } -} - -function parseGitUrl (giturl) { - var matched = giturl.match(/^([^@]+)@([^:/]+):[/]?((?:[^/]+[/])?[^/]+?)(?:[.]git)?(#.*)?$/) - if (!matched) return url.parse(giturl) - return { - protocol: 'git+ssh:', - slashes: true, - auth: matched[1], - host: matched[2], - port: null, - hostname: matched[2], - hash: matched[4], - search: null, - query: null, - pathname: '/' + matched[3], - path: '/' + matched[3], - href: 'git+ssh://' + matched[1] + '@' + matched[2] + - '/' + matched[3] + (matched[4] || '') - } -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json deleted file mode 100644 index 1e1330297..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json +++ /dev/null @@ -1,69 +0,0 @@ -{ - "_from": "hosted-git-info@^2.7.1", - "_id": "hosted-git-info@2.8.5", - "_inBundle": false, - "_integrity": "sha512-kssjab8CvdXfcXMXVcvsXum4Hwdq9XGtRD3TteMEvEbq0LXyiNQr6AprqKqfeaDXze7SxWvRxdpwE6ku7ikLkg==", - "_location": "/npm-profile/npm-registry-fetch/npm-package-arg/hosted-git-info", - "_phantomChildren": {}, - "_requested": { - "type": "range", - "registry": true, - "raw": "hosted-git-info@^2.7.1", - "name": "hosted-git-info", - "escapedName": "hosted-git-info", - "rawSpec": "^2.7.1", - "saveSpec": null, - "fetchSpec": "^2.7.1" - }, - "_requiredBy": [ - "/npm-profile/npm-registry-fetch/npm-package-arg" - ], - "_resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.5.tgz", - "_shasum": "759cfcf2c4d156ade59b0b2dfabddc42a6b9c70c", - "_spec": "hosted-git-info@^2.7.1", - "_where": "/Users/isaacs/dev/npm/cli/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg", - "author": { - "name": "Rebecca Turner", - "email": "me@re-becca.org", - "url": "http://re-becca.org" - }, - "bugs": { - "url": "https://github.com/npm/hosted-git-info/issues" - }, - "bundleDependencies": false, - "deprecated": false, - "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", - "devDependencies": { - "standard": "^11.0.1", - "standard-version": "^4.4.0", - "tap": "^12.7.0" - }, - "files": [ - "index.js", - "git-host.js", - "git-host-info.js" - ], - "homepage": "https://github.com/npm/hosted-git-info", - "keywords": [ - "git", - "github", - "bitbucket", - "gitlab" - ], - "license": "ISC", - "main": "index.js", - "name": "hosted-git-info", - "repository": { - "type": "git", - "url": "git+https://github.com/npm/hosted-git-info.git" - }, - "scripts": { - "postrelease": "npm publish --tag=ancient-legacy-fixes && git push --follow-tags", - "prerelease": "npm t", - "pretest": "standard", - "release": "standard-version -s", - "test": "tap -J --100 --no-esm test/*.js", - "test:coverage": "tap --coverage-report=html -J --100 --no-esm test/*.js" - }, - "version": "2.8.5" -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/CHANGELOG.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/CHANGELOG.md deleted file mode 100644 index 66304fdd2..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/CHANGELOG.md +++ /dev/null @@ -1,39 +0,0 @@ -# changes log - -## 5.7 - -* Add `minVersion` method - -## 5.6 - -* Move boolean `loose` param to an options object, with - backwards-compatibility protection. -* Add ability to opt out of special prerelease version handling with - the `includePrerelease` option flag. - -## 5.5 - -* Add version coercion capabilities - -## 5.4 - -* Add intersection checking - -## 5.3 - -* Add `minSatisfying` method - -## 5.2 - -* Add `prerelease(v)` that returns prerelease components - -## 5.1 - -* Add Backus-Naur for ranges -* Remove excessively cute inspection methods - -## 5.0 - -* Remove AMD/Browserified build artifacts -* Fix ltr and gtr when using the `*` range -* Fix for range `*` with a prerelease identifier diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/LICENSE b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/LICENSE deleted file mode 100644 index 19129e315..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/LICENSE +++ /dev/null @@ -1,15 +0,0 @@ -The ISC License - -Copyright (c) Isaac Z. Schlueter and Contributors - -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR -IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/README.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/README.md deleted file mode 100644 index f8dfa5a0d..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/README.md +++ /dev/null @@ -1,412 +0,0 @@ -semver(1) -- The semantic versioner for npm -=========================================== - -## Install - -```bash -npm install --save semver -```` - -## Usage - -As a node module: - -```js -const semver = require('semver') - -semver.valid('1.2.3') // '1.2.3' -semver.valid('a.b.c') // null -semver.clean(' =v1.2.3 ') // '1.2.3' -semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true -semver.gt('1.2.3', '9.8.7') // false -semver.lt('1.2.3', '9.8.7') // true -semver.minVersion('>=1.0.0') // '1.0.0' -semver.valid(semver.coerce('v2')) // '2.0.0' -semver.valid(semver.coerce('42.6.7.9.3-alpha')) // '42.6.7' -``` - -As a command-line utility: - -``` -$ semver -h - -A JavaScript implementation of the https://semver.org/ specification -Copyright Isaac Z. Schlueter - -Usage: semver [options] <version> [<version> [...]] -Prints valid versions sorted by SemVer precedence - -Options: --r --range <range> - Print versions that match the specified range. - --i --increment [<level>] - Increment a version by the specified level. Level can - be one of: major, minor, patch, premajor, preminor, - prepatch, or prerelease. Default level is 'patch'. - Only one version may be specified. - ---preid <identifier> - Identifier to be used to prefix premajor, preminor, - prepatch or prerelease version increments. - --l --loose - Interpret versions and ranges loosely - --p --include-prerelease - Always include prerelease versions in range matching - --c --coerce - Coerce a string into SemVer if possible - (does not imply --loose) - -Program exits successfully if any valid version satisfies -all supplied ranges, and prints all satisfying versions. - -If no satisfying versions are found, then exits failure. - -Versions are printed in ascending order, so supplying -multiple versions to the utility will just sort them. -``` - -## Versions - -A "version" is described by the `v2.0.0` specification found at -<https://semver.org/>. - -A leading `"="` or `"v"` character is stripped off and ignored. - -## Ranges - -A `version range` is a set of `comparators` which specify versions -that satisfy the range. - -A `comparator` is composed of an `operator` and a `version`. The set -of primitive `operators` is: - -* `<` Less than -* `<=` Less than or equal to -* `>` Greater than -* `>=` Greater than or equal to -* `=` Equal. If no operator is specified, then equality is assumed, - so this operator is optional, but MAY be included. - -For example, the comparator `>=1.2.7` would match the versions -`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6` -or `1.1.0`. - -Comparators can be joined by whitespace to form a `comparator set`, -which is satisfied by the **intersection** of all of the comparators -it includes. - -A range is composed of one or more comparator sets, joined by `||`. A -version matches a range if and only if every comparator in at least -one of the `||`-separated comparator sets is satisfied by the version. - -For example, the range `>=1.2.7 <1.3.0` would match the versions -`1.2.7`, `1.2.8`, and `1.2.99`, but not the versions `1.2.6`, `1.3.0`, -or `1.1.0`. - -The range `1.2.7 || >=1.2.9 <2.0.0` would match the versions `1.2.7`, -`1.2.9`, and `1.4.6`, but not the versions `1.2.8` or `2.0.0`. - -### Prerelease Tags - -If a version has a prerelease tag (for example, `1.2.3-alpha.3`) then -it will only be allowed to satisfy comparator sets if at least one -comparator with the same `[major, minor, patch]` tuple also has a -prerelease tag. - -For example, the range `>1.2.3-alpha.3` would be allowed to match the -version `1.2.3-alpha.7`, but it would *not* be satisfied by -`3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically "greater -than" `1.2.3-alpha.3` according to the SemVer sort rules. The version -range only accepts prerelease tags on the `1.2.3` version. The -version `3.4.5` *would* satisfy the range, because it does not have a -prerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`. - -The purpose for this behavior is twofold. First, prerelease versions -frequently are updated very quickly, and contain many breaking changes -that are (by the author's design) not yet fit for public consumption. -Therefore, by default, they are excluded from range matching -semantics. - -Second, a user who has opted into using a prerelease version has -clearly indicated the intent to use *that specific* set of -alpha/beta/rc versions. By including a prerelease tag in the range, -the user is indicating that they are aware of the risk. However, it -is still not appropriate to assume that they have opted into taking a -similar risk on the *next* set of prerelease versions. - -Note that this behavior can be suppressed (treating all prerelease -versions as if they were normal versions, for the purpose of range -matching) by setting the `includePrerelease` flag on the options -object to any -[functions](https://github.com/npm/node-semver#functions) that do -range matching. - -#### Prerelease Identifiers - -The method `.inc` takes an additional `identifier` string argument that -will append the value of the string as a prerelease identifier: - -```javascript -semver.inc('1.2.3', 'prerelease', 'beta') -// '1.2.4-beta.0' -``` - -command-line example: - -```bash -$ semver 1.2.3 -i prerelease --preid beta -1.2.4-beta.0 -``` - -Which then can be used to increment further: - -```bash -$ semver 1.2.4-beta.0 -i prerelease -1.2.4-beta.1 -``` - -### Advanced Range Syntax - -Advanced range syntax desugars to primitive comparators in -deterministic ways. - -Advanced ranges may be combined in the same way as primitive -comparators using white space or `||`. - -#### Hyphen Ranges `X.Y.Z - A.B.C` - -Specifies an inclusive set. - -* `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4` - -If a partial version is provided as the first version in the inclusive -range, then the missing pieces are replaced with zeroes. - -* `1.2 - 2.3.4` := `>=1.2.0 <=2.3.4` - -If a partial version is provided as the second version in the -inclusive range, then all versions that start with the supplied parts -of the tuple are accepted, but nothing that would be greater than the -provided tuple parts. - -* `1.2.3 - 2.3` := `>=1.2.3 <2.4.0` -* `1.2.3 - 2` := `>=1.2.3 <3.0.0` - -#### X-Ranges `1.2.x` `1.X` `1.2.*` `*` - -Any of `X`, `x`, or `*` may be used to "stand in" for one of the -numeric values in the `[major, minor, patch]` tuple. - -* `*` := `>=0.0.0` (Any version satisfies) -* `1.x` := `>=1.0.0 <2.0.0` (Matching major version) -* `1.2.x` := `>=1.2.0 <1.3.0` (Matching major and minor versions) - -A partial version range is treated as an X-Range, so the special -character is in fact optional. - -* `""` (empty string) := `*` := `>=0.0.0` -* `1` := `1.x.x` := `>=1.0.0 <2.0.0` -* `1.2` := `1.2.x` := `>=1.2.0 <1.3.0` - -#### Tilde Ranges `~1.2.3` `~1.2` `~1` - -Allows patch-level changes if a minor version is specified on the -comparator. Allows minor-level changes if not. - -* `~1.2.3` := `>=1.2.3 <1.(2+1).0` := `>=1.2.3 <1.3.0` -* `~1.2` := `>=1.2.0 <1.(2+1).0` := `>=1.2.0 <1.3.0` (Same as `1.2.x`) -* `~1` := `>=1.0.0 <(1+1).0.0` := `>=1.0.0 <2.0.0` (Same as `1.x`) -* `~0.2.3` := `>=0.2.3 <0.(2+1).0` := `>=0.2.3 <0.3.0` -* `~0.2` := `>=0.2.0 <0.(2+1).0` := `>=0.2.0 <0.3.0` (Same as `0.2.x`) -* `~0` := `>=0.0.0 <(0+1).0.0` := `>=0.0.0 <1.0.0` (Same as `0.x`) -* `~1.2.3-beta.2` := `>=1.2.3-beta.2 <1.3.0` Note that prereleases in - the `1.2.3` version will be allowed, if they are greater than or - equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but - `1.2.4-beta.2` would not, because it is a prerelease of a - different `[major, minor, patch]` tuple. - -#### Caret Ranges `^1.2.3` `^0.2.5` `^0.0.4` - -Allows changes that do not modify the left-most non-zero digit in the -`[major, minor, patch]` tuple. In other words, this allows patch and -minor updates for versions `1.0.0` and above, patch updates for -versions `0.X >=0.1.0`, and *no* updates for versions `0.0.X`. - -Many authors treat a `0.x` version as if the `x` were the major -"breaking-change" indicator. - -Caret ranges are ideal when an author may make breaking changes -between `0.2.4` and `0.3.0` releases, which is a common practice. -However, it presumes that there will *not* be breaking changes between -`0.2.4` and `0.2.5`. It allows for changes that are presumed to be -additive (but non-breaking), according to commonly observed practices. - -* `^1.2.3` := `>=1.2.3 <2.0.0` -* `^0.2.3` := `>=0.2.3 <0.3.0` -* `^0.0.3` := `>=0.0.3 <0.0.4` -* `^1.2.3-beta.2` := `>=1.2.3-beta.2 <2.0.0` Note that prereleases in - the `1.2.3` version will be allowed, if they are greater than or - equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but - `1.2.4-beta.2` would not, because it is a prerelease of a - different `[major, minor, patch]` tuple. -* `^0.0.3-beta` := `>=0.0.3-beta <0.0.4` Note that prereleases in the - `0.0.3` version *only* will be allowed, if they are greater than or - equal to `beta`. So, `0.0.3-pr.2` would be allowed. - -When parsing caret ranges, a missing `patch` value desugars to the -number `0`, but will allow flexibility within that value, even if the -major and minor versions are both `0`. - -* `^1.2.x` := `>=1.2.0 <2.0.0` -* `^0.0.x` := `>=0.0.0 <0.1.0` -* `^0.0` := `>=0.0.0 <0.1.0` - -A missing `minor` and `patch` values will desugar to zero, but also -allow flexibility within those values, even if the major version is -zero. - -* `^1.x` := `>=1.0.0 <2.0.0` -* `^0.x` := `>=0.0.0 <1.0.0` - -### Range Grammar - -Putting all this together, here is a Backus-Naur grammar for ranges, -for the benefit of parser authors: - -```bnf -range-set ::= range ( logical-or range ) * -logical-or ::= ( ' ' ) * '||' ( ' ' ) * -range ::= hyphen | simple ( ' ' simple ) * | '' -hyphen ::= partial ' - ' partial -simple ::= primitive | partial | tilde | caret -primitive ::= ( '<' | '>' | '>=' | '<=' | '=' ) partial -partial ::= xr ( '.' xr ( '.' xr qualifier ? )? )? -xr ::= 'x' | 'X' | '*' | nr -nr ::= '0' | ['1'-'9'] ( ['0'-'9'] ) * -tilde ::= '~' partial -caret ::= '^' partial -qualifier ::= ( '-' pre )? ( '+' build )? -pre ::= parts -build ::= parts -parts ::= part ( '.' part ) * -part ::= nr | [-0-9A-Za-z]+ -``` - -## Functions - -All methods and classes take a final `options` object argument. All -options in this object are `false` by default. The options supported -are: - -- `loose` Be more forgiving about not-quite-valid semver strings. - (Any resulting output will always be 100% strict compliant, of - course.) For backwards compatibility reasons, if the `options` - argument is a boolean value instead of an object, it is interpreted - to be the `loose` param. -- `includePrerelease` Set to suppress the [default - behavior](https://github.com/npm/node-semver#prerelease-tags) of - excluding prerelease tagged versions from ranges unless they are - explicitly opted into. - -Strict-mode Comparators and Ranges will be strict about the SemVer -strings that they parse. - -* `valid(v)`: Return the parsed version, or null if it's not valid. -* `inc(v, release)`: Return the version incremented by the release - type (`major`, `premajor`, `minor`, `preminor`, `patch`, - `prepatch`, or `prerelease`), or null if it's not valid - * `premajor` in one call will bump the version up to the next major - version and down to a prerelease of that major version. - `preminor`, and `prepatch` work the same way. - * If called from a non-prerelease version, the `prerelease` will work the - same as `prepatch`. It increments the patch version, then makes a - prerelease. If the input version is already a prerelease it simply - increments it. -* `prerelease(v)`: Returns an array of prerelease components, or null - if none exist. Example: `prerelease('1.2.3-alpha.1') -> ['alpha', 1]` -* `major(v)`: Return the major version number. -* `minor(v)`: Return the minor version number. -* `patch(v)`: Return the patch version number. -* `intersects(r1, r2, loose)`: Return true if the two supplied ranges - or comparators intersect. -* `parse(v)`: Attempt to parse a string as a semantic version, returning either - a `SemVer` object or `null`. - -### Comparison - -* `gt(v1, v2)`: `v1 > v2` -* `gte(v1, v2)`: `v1 >= v2` -* `lt(v1, v2)`: `v1 < v2` -* `lte(v1, v2)`: `v1 <= v2` -* `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent, - even if they're not the exact same string. You already know how to - compare strings. -* `neq(v1, v2)`: `v1 != v2` The opposite of `eq`. -* `cmp(v1, comparator, v2)`: Pass in a comparison string, and it'll call - the corresponding function above. `"==="` and `"!=="` do simple - string comparison, but are included for completeness. Throws if an - invalid comparison string is provided. -* `compare(v1, v2)`: Return `0` if `v1 == v2`, or `1` if `v1` is greater, or `-1` if - `v2` is greater. Sorts in ascending order if passed to `Array.sort()`. -* `rcompare(v1, v2)`: The reverse of compare. Sorts an array of versions - in descending order when passed to `Array.sort()`. -* `diff(v1, v2)`: Returns difference between two versions by the release type - (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`), - or null if the versions are the same. - -### Comparators - -* `intersects(comparator)`: Return true if the comparators intersect - -### Ranges - -* `validRange(range)`: Return the valid range or null if it's not valid -* `satisfies(version, range)`: Return true if the version satisfies the - range. -* `maxSatisfying(versions, range)`: Return the highest version in the list - that satisfies the range, or `null` if none of them do. -* `minSatisfying(versions, range)`: Return the lowest version in the list - that satisfies the range, or `null` if none of them do. -* `minVersion(range)`: Return the lowest version that can possibly match - the given range. -* `gtr(version, range)`: Return `true` if version is greater than all the - versions possible in the range. -* `ltr(version, range)`: Return `true` if version is less than all the - versions possible in the range. -* `outside(version, range, hilo)`: Return true if the version is outside - the bounds of the range in either the high or low direction. The - `hilo` argument must be either the string `'>'` or `'<'`. (This is - the function called by `gtr` and `ltr`.) -* `intersects(range)`: Return true if any of the ranges comparators intersect - -Note that, since ranges may be non-contiguous, a version might not be -greater than a range, less than a range, *or* satisfy a range! For -example, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9` -until `2.0.0`, so the version `1.2.10` would not be greater than the -range (because `2.0.1` satisfies, which is higher), nor less than the -range (since `1.2.8` satisfies, which is lower), and it also does not -satisfy the range. - -If you want to know if a version satisfies or does not satisfy a -range, use the `satisfies(version, range)` function. - -### Coercion - -* `coerce(version)`: Coerces a string to semver if possible - -This aims to provide a very forgiving translation of a non-semver string to -semver. It looks for the first digit in a string, and consumes all -remaining characters which satisfy at least a partial semver (e.g., `1`, -`1.2`, `1.2.3`) up to the max permitted length (256 characters). Longer -versions are simply truncated (`4.6.3.9.2-alpha2` becomes `4.6.3`). All -surrounding text is simply ignored (`v3.4 replaces v3.3.1` becomes -`3.4.0`). Only text which lacks digits will fail coercion (`version one` -is not valid). The maximum length for any semver component considered for -coercion is 16 characters; longer components will be ignored -(`10000000000000000.4.7.4` becomes `4.7.4`). The maximum value for any -semver component is `Number.MAX_SAFE_INTEGER || (2**53 - 1)`; higher value -components are invalid (`9999999999999999.4.7.4` is likely invalid). diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/bin/semver b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/bin/semver deleted file mode 100755 index 801e77f13..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/bin/semver +++ /dev/null @@ -1,160 +0,0 @@ -#!/usr/bin/env node -// Standalone semver comparison program. -// Exits successfully and prints matching version(s) if -// any supplied version is valid and passes all tests. - -var argv = process.argv.slice(2) - -var versions = [] - -var range = [] - -var inc = null - -var version = require('../package.json').version - -var loose = false - -var includePrerelease = false - -var coerce = false - -var identifier - -var semver = require('../semver') - -var reverse = false - -var options = {} - -main() - -function main () { - if (!argv.length) return help() - while (argv.length) { - var a = argv.shift() - var indexOfEqualSign = a.indexOf('=') - if (indexOfEqualSign !== -1) { - a = a.slice(0, indexOfEqualSign) - argv.unshift(a.slice(indexOfEqualSign + 1)) - } - switch (a) { - case '-rv': case '-rev': case '--rev': case '--reverse': - reverse = true - break - case '-l': case '--loose': - loose = true - break - case '-p': case '--include-prerelease': - includePrerelease = true - break - case '-v': case '--version': - versions.push(argv.shift()) - break - case '-i': case '--inc': case '--increment': - switch (argv[0]) { - case 'major': case 'minor': case 'patch': case 'prerelease': - case 'premajor': case 'preminor': case 'prepatch': - inc = argv.shift() - break - default: - inc = 'patch' - break - } - break - case '--preid': - identifier = argv.shift() - break - case '-r': case '--range': - range.push(argv.shift()) - break - case '-c': case '--coerce': - coerce = true - break - case '-h': case '--help': case '-?': - return help() - default: - versions.push(a) - break - } - } - - var options = { loose: loose, includePrerelease: includePrerelease } - - versions = versions.map(function (v) { - return coerce ? (semver.coerce(v) || { version: v }).version : v - }).filter(function (v) { - return semver.valid(v) - }) - if (!versions.length) return fail() - if (inc && (versions.length !== 1 || range.length)) { return failInc() } - - for (var i = 0, l = range.length; i < l; i++) { - versions = versions.filter(function (v) { - return semver.satisfies(v, range[i], options) - }) - if (!versions.length) return fail() - } - return success(versions) -} - -function failInc () { - console.error('--inc can only be used on a single version with no range') - fail() -} - -function fail () { process.exit(1) } - -function success () { - var compare = reverse ? 'rcompare' : 'compare' - versions.sort(function (a, b) { - return semver[compare](a, b, options) - }).map(function (v) { - return semver.clean(v, options) - }).map(function (v) { - return inc ? semver.inc(v, inc, options, identifier) : v - }).forEach(function (v, i, _) { console.log(v) }) -} - -function help () { - console.log(['SemVer ' + version, - '', - 'A JavaScript implementation of the https://semver.org/ specification', - 'Copyright Isaac Z. Schlueter', - '', - 'Usage: semver [options] <version> [<version> [...]]', - 'Prints valid versions sorted by SemVer precedence', - '', - 'Options:', - '-r --range <range>', - ' Print versions that match the specified range.', - '', - '-i --increment [<level>]', - ' Increment a version by the specified level. Level can', - ' be one of: major, minor, patch, premajor, preminor,', - " prepatch, or prerelease. Default level is 'patch'.", - ' Only one version may be specified.', - '', - '--preid <identifier>', - ' Identifier to be used to prefix premajor, preminor,', - ' prepatch or prerelease version increments.', - '', - '-l --loose', - ' Interpret versions and ranges loosely', - '', - '-p --include-prerelease', - ' Always include prerelease versions in range matching', - '', - '-c --coerce', - ' Coerce a string into SemVer if possible', - ' (does not imply --loose)', - '', - 'Program exits successfully if any valid version satisfies', - 'all supplied ranges, and prints all satisfying versions.', - '', - 'If no satisfying versions are found, then exits failure.', - '', - 'Versions are printed in ascending order, so supplying', - 'multiple versions to the utility will just sort them.' - ].join('\n')) -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/package.json b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/package.json deleted file mode 100644 index 28003f36a..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/package.json +++ /dev/null @@ -1,60 +0,0 @@ -{ - "_from": "semver@^5.6.0", - "_id": "semver@5.7.1", - "_inBundle": false, - "_integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", - "_location": "/npm-profile/npm-registry-fetch/npm-package-arg/semver", - "_phantomChildren": {}, - "_requested": { - "type": "range", - "registry": true, - "raw": "semver@^5.6.0", - "name": "semver", - "escapedName": "semver", - "rawSpec": "^5.6.0", - "saveSpec": null, - "fetchSpec": "^5.6.0" - }, - "_requiredBy": [ - "/npm-profile/npm-registry-fetch/npm-package-arg" - ], - "_resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", - "_shasum": "a954f931aeba508d307bbf069eff0c01c96116f7", - "_spec": "semver@^5.6.0", - "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg", - "bin": { - "semver": "bin/semver" - }, - "bugs": { - "url": "https://github.com/npm/node-semver/issues" - }, - "bundleDependencies": false, - "deprecated": false, - "description": "The semantic version parser used by npm.", - "devDependencies": { - "tap": "^13.0.0-rc.18" - }, - "files": [ - "bin", - "range.bnf", - "semver.js" - ], - "homepage": "https://github.com/npm/node-semver#readme", - "license": "ISC", - "main": "semver.js", - "name": "semver", - "repository": { - "type": "git", - "url": "git+https://github.com/npm/node-semver.git" - }, - "scripts": { - "postpublish": "git push origin --all; git push origin --tags", - "postversion": "npm publish", - "preversion": "npm test", - "test": "tap" - }, - "tap": { - "check-coverage": true - }, - "version": "5.7.1" -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/range.bnf b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/range.bnf deleted file mode 100644 index d4c6ae0d7..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/range.bnf +++ /dev/null @@ -1,16 +0,0 @@ -range-set ::= range ( logical-or range ) * -logical-or ::= ( ' ' ) * '||' ( ' ' ) * -range ::= hyphen | simple ( ' ' simple ) * | '' -hyphen ::= partial ' - ' partial -simple ::= primitive | partial | tilde | caret -primitive ::= ( '<' | '>' | '>=' | '<=' | '=' ) partial -partial ::= xr ( '.' xr ( '.' xr qualifier ? )? )? -xr ::= 'x' | 'X' | '*' | nr -nr ::= '0' | [1-9] ( [0-9] ) * -tilde ::= '~' partial -caret ::= '^' partial -qualifier ::= ( '-' pre )? ( '+' build )? -pre ::= parts -build ::= parts -parts ::= part ( '.' part ) * -part ::= nr | [-0-9A-Za-z]+ diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/semver.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/semver.js deleted file mode 100644 index d315d5d68..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/node_modules/semver/semver.js +++ /dev/null @@ -1,1483 +0,0 @@ -exports = module.exports = SemVer - -var debug -/* istanbul ignore next */ -if (typeof process === 'object' && - process.env && - process.env.NODE_DEBUG && - /\bsemver\b/i.test(process.env.NODE_DEBUG)) { - debug = function () { - var args = Array.prototype.slice.call(arguments, 0) - args.unshift('SEMVER') - console.log.apply(console, args) - } -} else { - debug = function () {} -} - -// Note: this is the semver.org version of the spec that it implements -// Not necessarily the package version of this code. -exports.SEMVER_SPEC_VERSION = '2.0.0' - -var MAX_LENGTH = 256 -var MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER || - /* istanbul ignore next */ 9007199254740991 - -// Max safe segment length for coercion. -var MAX_SAFE_COMPONENT_LENGTH = 16 - -// The actual regexps go on exports.re -var re = exports.re = [] -var src = exports.src = [] -var R = 0 - -// The following Regular Expressions can be used for tokenizing, -// validating, and parsing SemVer version strings. - -// ## Numeric Identifier -// A single `0`, or a non-zero digit followed by zero or more digits. - -var NUMERICIDENTIFIER = R++ -src[NUMERICIDENTIFIER] = '0|[1-9]\\d*' -var NUMERICIDENTIFIERLOOSE = R++ -src[NUMERICIDENTIFIERLOOSE] = '[0-9]+' - -// ## Non-numeric Identifier -// Zero or more digits, followed by a letter or hyphen, and then zero or -// more letters, digits, or hyphens. - -var NONNUMERICIDENTIFIER = R++ -src[NONNUMERICIDENTIFIER] = '\\d*[a-zA-Z-][a-zA-Z0-9-]*' - -// ## Main Version -// Three dot-separated numeric identifiers. - -var MAINVERSION = R++ -src[MAINVERSION] = '(' + src[NUMERICIDENTIFIER] + ')\\.' + - '(' + src[NUMERICIDENTIFIER] + ')\\.' + - '(' + src[NUMERICIDENTIFIER] + ')' - -var MAINVERSIONLOOSE = R++ -src[MAINVERSIONLOOSE] = '(' + src[NUMERICIDENTIFIERLOOSE] + ')\\.' + - '(' + src[NUMERICIDENTIFIERLOOSE] + ')\\.' + - '(' + src[NUMERICIDENTIFIERLOOSE] + ')' - -// ## Pre-release Version Identifier -// A numeric identifier, or a non-numeric identifier. - -var PRERELEASEIDENTIFIER = R++ -src[PRERELEASEIDENTIFIER] = '(?:' + src[NUMERICIDENTIFIER] + - '|' + src[NONNUMERICIDENTIFIER] + ')' - -var PRERELEASEIDENTIFIERLOOSE = R++ -src[PRERELEASEIDENTIFIERLOOSE] = '(?:' + src[NUMERICIDENTIFIERLOOSE] + - '|' + src[NONNUMERICIDENTIFIER] + ')' - -// ## Pre-release Version -// Hyphen, followed by one or more dot-separated pre-release version -// identifiers. - -var PRERELEASE = R++ -src[PRERELEASE] = '(?:-(' + src[PRERELEASEIDENTIFIER] + - '(?:\\.' + src[PRERELEASEIDENTIFIER] + ')*))' - -var PRERELEASELOOSE = R++ -src[PRERELEASELOOSE] = '(?:-?(' + src[PRERELEASEIDENTIFIERLOOSE] + - '(?:\\.' + src[PRERELEASEIDENTIFIERLOOSE] + ')*))' - -// ## Build Metadata Identifier -// Any combination of digits, letters, or hyphens. - -var BUILDIDENTIFIER = R++ -src[BUILDIDENTIFIER] = '[0-9A-Za-z-]+' - -// ## Build Metadata -// Plus sign, followed by one or more period-separated build metadata -// identifiers. - -var BUILD = R++ -src[BUILD] = '(?:\\+(' + src[BUILDIDENTIFIER] + - '(?:\\.' + src[BUILDIDENTIFIER] + ')*))' - -// ## Full Version String -// A main version, followed optionally by a pre-release version and -// build metadata. - -// Note that the only major, minor, patch, and pre-release sections of -// the version string are capturing groups. The build metadata is not a -// capturing group, because it should not ever be used in version -// comparison. - -var FULL = R++ -var FULLPLAIN = 'v?' + src[MAINVERSION] + - src[PRERELEASE] + '?' + - src[BUILD] + '?' - -src[FULL] = '^' + FULLPLAIN + '$' - -// like full, but allows v1.2.3 and =1.2.3, which people do sometimes. -// also, 1.0.0alpha1 (prerelease without the hyphen) which is pretty -// common in the npm registry. -var LOOSEPLAIN = '[v=\\s]*' + src[MAINVERSIONLOOSE] + - src[PRERELEASELOOSE] + '?' + - src[BUILD] + '?' - -var LOOSE = R++ -src[LOOSE] = '^' + LOOSEPLAIN + '$' - -var GTLT = R++ -src[GTLT] = '((?:<|>)?=?)' - -// Something like "2.*" or "1.2.x". -// Note that "x.x" is a valid xRange identifer, meaning "any version" -// Only the first item is strictly required. -var XRANGEIDENTIFIERLOOSE = R++ -src[XRANGEIDENTIFIERLOOSE] = src[NUMERICIDENTIFIERLOOSE] + '|x|X|\\*' -var XRANGEIDENTIFIER = R++ -src[XRANGEIDENTIFIER] = src[NUMERICIDENTIFIER] + '|x|X|\\*' - -var XRANGEPLAIN = R++ -src[XRANGEPLAIN] = '[v=\\s]*(' + src[XRANGEIDENTIFIER] + ')' + - '(?:\\.(' + src[XRANGEIDENTIFIER] + ')' + - '(?:\\.(' + src[XRANGEIDENTIFIER] + ')' + - '(?:' + src[PRERELEASE] + ')?' + - src[BUILD] + '?' + - ')?)?' - -var XRANGEPLAINLOOSE = R++ -src[XRANGEPLAINLOOSE] = '[v=\\s]*(' + src[XRANGEIDENTIFIERLOOSE] + ')' + - '(?:\\.(' + src[XRANGEIDENTIFIERLOOSE] + ')' + - '(?:\\.(' + src[XRANGEIDENTIFIERLOOSE] + ')' + - '(?:' + src[PRERELEASELOOSE] + ')?' + - src[BUILD] + '?' + - ')?)?' - -var XRANGE = R++ -src[XRANGE] = '^' + src[GTLT] + '\\s*' + src[XRANGEPLAIN] + '$' -var XRANGELOOSE = R++ -src[XRANGELOOSE] = '^' + src[GTLT] + '\\s*' + src[XRANGEPLAINLOOSE] + '$' - -// Coercion. -// Extract anything that could conceivably be a part of a valid semver -var COERCE = R++ -src[COERCE] = '(?:^|[^\\d])' + - '(\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '})' + - '(?:\\.(\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' + - '(?:\\.(\\d{1,' + MAX_SAFE_COMPONENT_LENGTH + '}))?' + - '(?:$|[^\\d])' - -// Tilde ranges. -// Meaning is "reasonably at or greater than" -var LONETILDE = R++ -src[LONETILDE] = '(?:~>?)' - -var TILDETRIM = R++ -src[TILDETRIM] = '(\\s*)' + src[LONETILDE] + '\\s+' -re[TILDETRIM] = new RegExp(src[TILDETRIM], 'g') -var tildeTrimReplace = '$1~' - -var TILDE = R++ -src[TILDE] = '^' + src[LONETILDE] + src[XRANGEPLAIN] + '$' -var TILDELOOSE = R++ -src[TILDELOOSE] = '^' + src[LONETILDE] + src[XRANGEPLAINLOOSE] + '$' - -// Caret ranges. -// Meaning is "at least and backwards compatible with" -var LONECARET = R++ -src[LONECARET] = '(?:\\^)' - -var CARETTRIM = R++ -src[CARETTRIM] = '(\\s*)' + src[LONECARET] + '\\s+' -re[CARETTRIM] = new RegExp(src[CARETTRIM], 'g') -var caretTrimReplace = '$1^' - -var CARET = R++ -src[CARET] = '^' + src[LONECARET] + src[XRANGEPLAIN] + '$' -var CARETLOOSE = R++ -src[CARETLOOSE] = '^' + src[LONECARET] + src[XRANGEPLAINLOOSE] + '$' - -// A simple gt/lt/eq thing, or just "" to indicate "any version" -var COMPARATORLOOSE = R++ -src[COMPARATORLOOSE] = '^' + src[GTLT] + '\\s*(' + LOOSEPLAIN + ')$|^$' -var COMPARATOR = R++ -src[COMPARATOR] = '^' + src[GTLT] + '\\s*(' + FULLPLAIN + ')$|^$' - -// An expression to strip any whitespace between the gtlt and the thing -// it modifies, so that `> 1.2.3` ==> `>1.2.3` -var COMPARATORTRIM = R++ -src[COMPARATORTRIM] = '(\\s*)' + src[GTLT] + - '\\s*(' + LOOSEPLAIN + '|' + src[XRANGEPLAIN] + ')' - -// this one has to use the /g flag -re[COMPARATORTRIM] = new RegExp(src[COMPARATORTRIM], 'g') -var comparatorTrimReplace = '$1$2$3' - -// Something like `1.2.3 - 1.2.4` -// Note that these all use the loose form, because they'll be -// checked against either the strict or loose comparator form -// later. -var HYPHENRANGE = R++ -src[HYPHENRANGE] = '^\\s*(' + src[XRANGEPLAIN] + ')' + - '\\s+-\\s+' + - '(' + src[XRANGEPLAIN] + ')' + - '\\s*$' - -var HYPHENRANGELOOSE = R++ -src[HYPHENRANGELOOSE] = '^\\s*(' + src[XRANGEPLAINLOOSE] + ')' + - '\\s+-\\s+' + - '(' + src[XRANGEPLAINLOOSE] + ')' + - '\\s*$' - -// Star ranges basically just allow anything at all. -var STAR = R++ -src[STAR] = '(<|>)?=?\\s*\\*' - -// Compile to actual regexp objects. -// All are flag-free, unless they were created above with a flag. -for (var i = 0; i < R; i++) { - debug(i, src[i]) - if (!re[i]) { - re[i] = new RegExp(src[i]) - } -} - -exports.parse = parse -function parse (version, options) { - if (!options || typeof options !== 'object') { - options = { - loose: !!options, - includePrerelease: false - } - } - - if (version instanceof SemVer) { - return version - } - - if (typeof version !== 'string') { - return null - } - - if (version.length > MAX_LENGTH) { - return null - } - - var r = options.loose ? re[LOOSE] : re[FULL] - if (!r.test(version)) { - return null - } - - try { - return new SemVer(version, options) - } catch (er) { - return null - } -} - -exports.valid = valid -function valid (version, options) { - var v = parse(version, options) - return v ? v.version : null -} - -exports.clean = clean -function clean (version, options) { - var s = parse(version.trim().replace(/^[=v]+/, ''), options) - return s ? s.version : null -} - -exports.SemVer = SemVer - -function SemVer (version, options) { - if (!options || typeof options !== 'object') { - options = { - loose: !!options, - includePrerelease: false - } - } - if (version instanceof SemVer) { - if (version.loose === options.loose) { - return version - } else { - version = version.version - } - } else if (typeof version !== 'string') { - throw new TypeError('Invalid Version: ' + version) - } - - if (version.length > MAX_LENGTH) { - throw new TypeError('version is longer than ' + MAX_LENGTH + ' characters') - } - - if (!(this instanceof SemVer)) { - return new SemVer(version, options) - } - - debug('SemVer', version, options) - this.options = options - this.loose = !!options.loose - - var m = version.trim().match(options.loose ? re[LOOSE] : re[FULL]) - - if (!m) { - throw new TypeError('Invalid Version: ' + version) - } - - this.raw = version - - // these are actually numbers - this.major = +m[1] - this.minor = +m[2] - this.patch = +m[3] - - if (this.major > MAX_SAFE_INTEGER || this.major < 0) { - throw new TypeError('Invalid major version') - } - - if (this.minor > MAX_SAFE_INTEGER || this.minor < 0) { - throw new TypeError('Invalid minor version') - } - - if (this.patch > MAX_SAFE_INTEGER || this.patch < 0) { - throw new TypeError('Invalid patch version') - } - - // numberify any prerelease numeric ids - if (!m[4]) { - this.prerelease = [] - } else { - this.prerelease = m[4].split('.').map(function (id) { - if (/^[0-9]+$/.test(id)) { - var num = +id - if (num >= 0 && num < MAX_SAFE_INTEGER) { - return num - } - } - return id - }) - } - - this.build = m[5] ? m[5].split('.') : [] - this.format() -} - -SemVer.prototype.format = function () { - this.version = this.major + '.' + this.minor + '.' + this.patch - if (this.prerelease.length) { - this.version += '-' + this.prerelease.join('.') - } - return this.version -} - -SemVer.prototype.toString = function () { - return this.version -} - -SemVer.prototype.compare = function (other) { - debug('SemVer.compare', this.version, this.options, other) - if (!(other instanceof SemVer)) { - other = new SemVer(other, this.options) - } - - return this.compareMain(other) || this.comparePre(other) -} - -SemVer.prototype.compareMain = function (other) { - if (!(other instanceof SemVer)) { - other = new SemVer(other, this.options) - } - - return compareIdentifiers(this.major, other.major) || - compareIdentifiers(this.minor, other.minor) || - compareIdentifiers(this.patch, other.patch) -} - -SemVer.prototype.comparePre = function (other) { - if (!(other instanceof SemVer)) { - other = new SemVer(other, this.options) - } - - // NOT having a prerelease is > having one - if (this.prerelease.length && !other.prerelease.length) { - return -1 - } else if (!this.prerelease.length && other.prerelease.length) { - return 1 - } else if (!this.prerelease.length && !other.prerelease.length) { - return 0 - } - - var i = 0 - do { - var a = this.prerelease[i] - var b = other.prerelease[i] - debug('prerelease compare', i, a, b) - if (a === undefined && b === undefined) { - return 0 - } else if (b === undefined) { - return 1 - } else if (a === undefined) { - return -1 - } else if (a === b) { - continue - } else { - return compareIdentifiers(a, b) - } - } while (++i) -} - -// preminor will bump the version up to the next minor release, and immediately -// down to pre-release. premajor and prepatch work the same way. -SemVer.prototype.inc = function (release, identifier) { - switch (release) { - case 'premajor': - this.prerelease.length = 0 - this.patch = 0 - this.minor = 0 - this.major++ - this.inc('pre', identifier) - break - case 'preminor': - this.prerelease.length = 0 - this.patch = 0 - this.minor++ - this.inc('pre', identifier) - break - case 'prepatch': - // If this is already a prerelease, it will bump to the next version - // drop any prereleases that might already exist, since they are not - // relevant at this point. - this.prerelease.length = 0 - this.inc('patch', identifier) - this.inc('pre', identifier) - break - // If the input is a non-prerelease version, this acts the same as - // prepatch. - case 'prerelease': - if (this.prerelease.length === 0) { - this.inc('patch', identifier) - } - this.inc('pre', identifier) - break - - case 'major': - // If this is a pre-major version, bump up to the same major version. - // Otherwise increment major. - // 1.0.0-5 bumps to 1.0.0 - // 1.1.0 bumps to 2.0.0 - if (this.minor !== 0 || - this.patch !== 0 || - this.prerelease.length === 0) { - this.major++ - } - this.minor = 0 - this.patch = 0 - this.prerelease = [] - break - case 'minor': - // If this is a pre-minor version, bump up to the same minor version. - // Otherwise increment minor. - // 1.2.0-5 bumps to 1.2.0 - // 1.2.1 bumps to 1.3.0 - if (this.patch !== 0 || this.prerelease.length === 0) { - this.minor++ - } - this.patch = 0 - this.prerelease = [] - break - case 'patch': - // If this is not a pre-release version, it will increment the patch. - // If it is a pre-release it will bump up to the same patch version. - // 1.2.0-5 patches to 1.2.0 - // 1.2.0 patches to 1.2.1 - if (this.prerelease.length === 0) { - this.patch++ - } - this.prerelease = [] - break - // This probably shouldn't be used publicly. - // 1.0.0 "pre" would become 1.0.0-0 which is the wrong direction. - case 'pre': - if (this.prerelease.length === 0) { - this.prerelease = [0] - } else { - var i = this.prerelease.length - while (--i >= 0) { - if (typeof this.prerelease[i] === 'number') { - this.prerelease[i]++ - i = -2 - } - } - if (i === -1) { - // didn't increment anything - this.prerelease.push(0) - } - } - if (identifier) { - // 1.2.0-beta.1 bumps to 1.2.0-beta.2, - // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0 - if (this.prerelease[0] === identifier) { - if (isNaN(this.prerelease[1])) { - this.prerelease = [identifier, 0] - } - } else { - this.prerelease = [identifier, 0] - } - } - break - - default: - throw new Error('invalid increment argument: ' + release) - } - this.format() - this.raw = this.version - return this -} - -exports.inc = inc -function inc (version, release, loose, identifier) { - if (typeof (loose) === 'string') { - identifier = loose - loose = undefined - } - - try { - return new SemVer(version, loose).inc(release, identifier).version - } catch (er) { - return null - } -} - -exports.diff = diff -function diff (version1, version2) { - if (eq(version1, version2)) { - return null - } else { - var v1 = parse(version1) - var v2 = parse(version2) - var prefix = '' - if (v1.prerelease.length || v2.prerelease.length) { - prefix = 'pre' - var defaultResult = 'prerelease' - } - for (var key in v1) { - if (key === 'major' || key === 'minor' || key === 'patch') { - if (v1[key] !== v2[key]) { - return prefix + key - } - } - } - return defaultResult // may be undefined - } -} - -exports.compareIdentifiers = compareIdentifiers - -var numeric = /^[0-9]+$/ -function compareIdentifiers (a, b) { - var anum = numeric.test(a) - var bnum = numeric.test(b) - - if (anum && bnum) { - a = +a - b = +b - } - - return a === b ? 0 - : (anum && !bnum) ? -1 - : (bnum && !anum) ? 1 - : a < b ? -1 - : 1 -} - -exports.rcompareIdentifiers = rcompareIdentifiers -function rcompareIdentifiers (a, b) { - return compareIdentifiers(b, a) -} - -exports.major = major -function major (a, loose) { - return new SemVer(a, loose).major -} - -exports.minor = minor -function minor (a, loose) { - return new SemVer(a, loose).minor -} - -exports.patch = patch -function patch (a, loose) { - return new SemVer(a, loose).patch -} - -exports.compare = compare -function compare (a, b, loose) { - return new SemVer(a, loose).compare(new SemVer(b, loose)) -} - -exports.compareLoose = compareLoose -function compareLoose (a, b) { - return compare(a, b, true) -} - -exports.rcompare = rcompare -function rcompare (a, b, loose) { - return compare(b, a, loose) -} - -exports.sort = sort -function sort (list, loose) { - return list.sort(function (a, b) { - return exports.compare(a, b, loose) - }) -} - -exports.rsort = rsort -function rsort (list, loose) { - return list.sort(function (a, b) { - return exports.rcompare(a, b, loose) - }) -} - -exports.gt = gt -function gt (a, b, loose) { - return compare(a, b, loose) > 0 -} - -exports.lt = lt -function lt (a, b, loose) { - return compare(a, b, loose) < 0 -} - -exports.eq = eq -function eq (a, b, loose) { - return compare(a, b, loose) === 0 -} - -exports.neq = neq -function neq (a, b, loose) { - return compare(a, b, loose) !== 0 -} - -exports.gte = gte -function gte (a, b, loose) { - return compare(a, b, loose) >= 0 -} - -exports.lte = lte -function lte (a, b, loose) { - return compare(a, b, loose) <= 0 -} - -exports.cmp = cmp -function cmp (a, op, b, loose) { - switch (op) { - case '===': - if (typeof a === 'object') - a = a.version - if (typeof b === 'object') - b = b.version - return a === b - - case '!==': - if (typeof a === 'object') - a = a.version - if (typeof b === 'object') - b = b.version - return a !== b - - case '': - case '=': - case '==': - return eq(a, b, loose) - - case '!=': - return neq(a, b, loose) - - case '>': - return gt(a, b, loose) - - case '>=': - return gte(a, b, loose) - - case '<': - return lt(a, b, loose) - - case '<=': - return lte(a, b, loose) - - default: - throw new TypeError('Invalid operator: ' + op) - } -} - -exports.Comparator = Comparator -function Comparator (comp, options) { - if (!options || typeof options !== 'object') { - options = { - loose: !!options, - includePrerelease: false - } - } - - if (comp instanceof Comparator) { - if (comp.loose === !!options.loose) { - return comp - } else { - comp = comp.value - } - } - - if (!(this instanceof Comparator)) { - return new Comparator(comp, options) - } - - debug('comparator', comp, options) - this.options = options - this.loose = !!options.loose - this.parse(comp) - - if (this.semver === ANY) { - this.value = '' - } else { - this.value = this.operator + this.semver.version - } - - debug('comp', this) -} - -var ANY = {} -Comparator.prototype.parse = function (comp) { - var r = this.options.loose ? re[COMPARATORLOOSE] : re[COMPARATOR] - var m = comp.match(r) - - if (!m) { - throw new TypeError('Invalid comparator: ' + comp) - } - - this.operator = m[1] - if (this.operator === '=') { - this.operator = '' - } - - // if it literally is just '>' or '' then allow anything. - if (!m[2]) { - this.semver = ANY - } else { - this.semver = new SemVer(m[2], this.options.loose) - } -} - -Comparator.prototype.toString = function () { - return this.value -} - -Comparator.prototype.test = function (version) { - debug('Comparator.test', version, this.options.loose) - - if (this.semver === ANY) { - return true - } - - if (typeof version === 'string') { - version = new SemVer(version, this.options) - } - - return cmp(version, this.operator, this.semver, this.options) -} - -Comparator.prototype.intersects = function (comp, options) { - if (!(comp instanceof Comparator)) { - throw new TypeError('a Comparator is required') - } - - if (!options || typeof options !== 'object') { - options = { - loose: !!options, - includePrerelease: false - } - } - - var rangeTmp - - if (this.operator === '') { - rangeTmp = new Range(comp.value, options) - return satisfies(this.value, rangeTmp, options) - } else if (comp.operator === '') { - rangeTmp = new Range(this.value, options) - return satisfies(comp.semver, rangeTmp, options) - } - - var sameDirectionIncreasing = - (this.operator === '>=' || this.operator === '>') && - (comp.operator === '>=' || comp.operator === '>') - var sameDirectionDecreasing = - (this.operator === '<=' || this.operator === '<') && - (comp.operator === '<=' || comp.operator === '<') - var sameSemVer = this.semver.version === comp.semver.version - var differentDirectionsInclusive = - (this.operator === '>=' || this.operator === '<=') && - (comp.operator === '>=' || comp.operator === '<=') - var oppositeDirectionsLessThan = - cmp(this.semver, '<', comp.semver, options) && - ((this.operator === '>=' || this.operator === '>') && - (comp.operator === '<=' || comp.operator === '<')) - var oppositeDirectionsGreaterThan = - cmp(this.semver, '>', comp.semver, options) && - ((this.operator === '<=' || this.operator === '<') && - (comp.operator === '>=' || comp.operator === '>')) - - return sameDirectionIncreasing || sameDirectionDecreasing || - (sameSemVer && differentDirectionsInclusive) || - oppositeDirectionsLessThan || oppositeDirectionsGreaterThan -} - -exports.Range = Range -function Range (range, options) { - if (!options || typeof options !== 'object') { - options = { - loose: !!options, - includePrerelease: false - } - } - - if (range instanceof Range) { - if (range.loose === !!options.loose && - range.includePrerelease === !!options.includePrerelease) { - return range - } else { - return new Range(range.raw, options) - } - } - - if (range instanceof Comparator) { - return new Range(range.value, options) - } - - if (!(this instanceof Range)) { - return new Range(range, options) - } - - this.options = options - this.loose = !!options.loose - this.includePrerelease = !!options.includePrerelease - - // First, split based on boolean or || - this.raw = range - this.set = range.split(/\s*\|\|\s*/).map(function (range) { - return this.parseRange(range.trim()) - }, this).filter(function (c) { - // throw out any that are not relevant for whatever reason - return c.length - }) - - if (!this.set.length) { - throw new TypeError('Invalid SemVer Range: ' + range) - } - - this.format() -} - -Range.prototype.format = function () { - this.range = this.set.map(function (comps) { - return comps.join(' ').trim() - }).join('||').trim() - return this.range -} - -Range.prototype.toString = function () { - return this.range -} - -Range.prototype.parseRange = function (range) { - var loose = this.options.loose - range = range.trim() - // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4` - var hr = loose ? re[HYPHENRANGELOOSE] : re[HYPHENRANGE] - range = range.replace(hr, hyphenReplace) - debug('hyphen replace', range) - // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5` - range = range.replace(re[COMPARATORTRIM], comparatorTrimReplace) - debug('comparator trim', range, re[COMPARATORTRIM]) - - // `~ 1.2.3` => `~1.2.3` - range = range.replace(re[TILDETRIM], tildeTrimReplace) - - // `^ 1.2.3` => `^1.2.3` - range = range.replace(re[CARETTRIM], caretTrimReplace) - - // normalize spaces - range = range.split(/\s+/).join(' ') - - // At this point, the range is completely trimmed and - // ready to be split into comparators. - - var compRe = loose ? re[COMPARATORLOOSE] : re[COMPARATOR] - var set = range.split(' ').map(function (comp) { - return parseComparator(comp, this.options) - }, this).join(' ').split(/\s+/) - if (this.options.loose) { - // in loose mode, throw out any that are not valid comparators - set = set.filter(function (comp) { - return !!comp.match(compRe) - }) - } - set = set.map(function (comp) { - return new Comparator(comp, this.options) - }, this) - - return set -} - -Range.prototype.intersects = function (range, options) { - if (!(range instanceof Range)) { - throw new TypeError('a Range is required') - } - - return this.set.some(function (thisComparators) { - return thisComparators.every(function (thisComparator) { - return range.set.some(function (rangeComparators) { - return rangeComparators.every(function (rangeComparator) { - return thisComparator.intersects(rangeComparator, options) - }) - }) - }) - }) -} - -// Mostly just for testing and legacy API reasons -exports.toComparators = toComparators -function toComparators (range, options) { - return new Range(range, options).set.map(function (comp) { - return comp.map(function (c) { - return c.value - }).join(' ').trim().split(' ') - }) -} - -// comprised of xranges, tildes, stars, and gtlt's at this point. -// already replaced the hyphen ranges -// turn into a set of JUST comparators. -function parseComparator (comp, options) { - debug('comp', comp, options) - comp = replaceCarets(comp, options) - debug('caret', comp) - comp = replaceTildes(comp, options) - debug('tildes', comp) - comp = replaceXRanges(comp, options) - debug('xrange', comp) - comp = replaceStars(comp, options) - debug('stars', comp) - return comp -} - -function isX (id) { - return !id || id.toLowerCase() === 'x' || id === '*' -} - -// ~, ~> --> * (any, kinda silly) -// ~2, ~2.x, ~2.x.x, ~>2, ~>2.x ~>2.x.x --> >=2.0.0 <3.0.0 -// ~2.0, ~2.0.x, ~>2.0, ~>2.0.x --> >=2.0.0 <2.1.0 -// ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0 -// ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0 -// ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0 -function replaceTildes (comp, options) { - return comp.trim().split(/\s+/).map(function (comp) { - return replaceTilde(comp, options) - }).join(' ') -} - -function replaceTilde (comp, options) { - var r = options.loose ? re[TILDELOOSE] : re[TILDE] - return comp.replace(r, function (_, M, m, p, pr) { - debug('tilde', comp, _, M, m, p, pr) - var ret - - if (isX(M)) { - ret = '' - } else if (isX(m)) { - ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0' - } else if (isX(p)) { - // ~1.2 == >=1.2.0 <1.3.0 - ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0' - } else if (pr) { - debug('replaceTilde pr', pr) - ret = '>=' + M + '.' + m + '.' + p + '-' + pr + - ' <' + M + '.' + (+m + 1) + '.0' - } else { - // ~1.2.3 == >=1.2.3 <1.3.0 - ret = '>=' + M + '.' + m + '.' + p + - ' <' + M + '.' + (+m + 1) + '.0' - } - - debug('tilde return', ret) - return ret - }) -} - -// ^ --> * (any, kinda silly) -// ^2, ^2.x, ^2.x.x --> >=2.0.0 <3.0.0 -// ^2.0, ^2.0.x --> >=2.0.0 <3.0.0 -// ^1.2, ^1.2.x --> >=1.2.0 <2.0.0 -// ^1.2.3 --> >=1.2.3 <2.0.0 -// ^1.2.0 --> >=1.2.0 <2.0.0 -function replaceCarets (comp, options) { - return comp.trim().split(/\s+/).map(function (comp) { - return replaceCaret(comp, options) - }).join(' ') -} - -function replaceCaret (comp, options) { - debug('caret', comp, options) - var r = options.loose ? re[CARETLOOSE] : re[CARET] - return comp.replace(r, function (_, M, m, p, pr) { - debug('caret', comp, _, M, m, p, pr) - var ret - - if (isX(M)) { - ret = '' - } else if (isX(m)) { - ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0' - } else if (isX(p)) { - if (M === '0') { - ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0' - } else { - ret = '>=' + M + '.' + m + '.0 <' + (+M + 1) + '.0.0' - } - } else if (pr) { - debug('replaceCaret pr', pr) - if (M === '0') { - if (m === '0') { - ret = '>=' + M + '.' + m + '.' + p + '-' + pr + - ' <' + M + '.' + m + '.' + (+p + 1) - } else { - ret = '>=' + M + '.' + m + '.' + p + '-' + pr + - ' <' + M + '.' + (+m + 1) + '.0' - } - } else { - ret = '>=' + M + '.' + m + '.' + p + '-' + pr + - ' <' + (+M + 1) + '.0.0' - } - } else { - debug('no pr') - if (M === '0') { - if (m === '0') { - ret = '>=' + M + '.' + m + '.' + p + - ' <' + M + '.' + m + '.' + (+p + 1) - } else { - ret = '>=' + M + '.' + m + '.' + p + - ' <' + M + '.' + (+m + 1) + '.0' - } - } else { - ret = '>=' + M + '.' + m + '.' + p + - ' <' + (+M + 1) + '.0.0' - } - } - - debug('caret return', ret) - return ret - }) -} - -function replaceXRanges (comp, options) { - debug('replaceXRanges', comp, options) - return comp.split(/\s+/).map(function (comp) { - return replaceXRange(comp, options) - }).join(' ') -} - -function replaceXRange (comp, options) { - comp = comp.trim() - var r = options.loose ? re[XRANGELOOSE] : re[XRANGE] - return comp.replace(r, function (ret, gtlt, M, m, p, pr) { - debug('xRange', comp, ret, gtlt, M, m, p, pr) - var xM = isX(M) - var xm = xM || isX(m) - var xp = xm || isX(p) - var anyX = xp - - if (gtlt === '=' && anyX) { - gtlt = '' - } - - if (xM) { - if (gtlt === '>' || gtlt === '<') { - // nothing is allowed - ret = '<0.0.0' - } else { - // nothing is forbidden - ret = '*' - } - } else if (gtlt && anyX) { - // we know patch is an x, because we have any x at all. - // replace X with 0 - if (xm) { - m = 0 - } - p = 0 - - if (gtlt === '>') { - // >1 => >=2.0.0 - // >1.2 => >=1.3.0 - // >1.2.3 => >= 1.2.4 - gtlt = '>=' - if (xm) { - M = +M + 1 - m = 0 - p = 0 - } else { - m = +m + 1 - p = 0 - } - } else if (gtlt === '<=') { - // <=0.7.x is actually <0.8.0, since any 0.7.x should - // pass. Similarly, <=7.x is actually <8.0.0, etc. - gtlt = '<' - if (xm) { - M = +M + 1 - } else { - m = +m + 1 - } - } - - ret = gtlt + M + '.' + m + '.' + p - } else if (xm) { - ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0' - } else if (xp) { - ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0' - } - - debug('xRange return', ret) - - return ret - }) -} - -// Because * is AND-ed with everything else in the comparator, -// and '' means "any version", just remove the *s entirely. -function replaceStars (comp, options) { - debug('replaceStars', comp, options) - // Looseness is ignored here. star is always as loose as it gets! - return comp.trim().replace(re[STAR], '') -} - -// This function is passed to string.replace(re[HYPHENRANGE]) -// M, m, patch, prerelease, build -// 1.2 - 3.4.5 => >=1.2.0 <=3.4.5 -// 1.2.3 - 3.4 => >=1.2.0 <3.5.0 Any 3.4.x will do -// 1.2 - 3.4 => >=1.2.0 <3.5.0 -function hyphenReplace ($0, - from, fM, fm, fp, fpr, fb, - to, tM, tm, tp, tpr, tb) { - if (isX(fM)) { - from = '' - } else if (isX(fm)) { - from = '>=' + fM + '.0.0' - } else if (isX(fp)) { - from = '>=' + fM + '.' + fm + '.0' - } else { - from = '>=' + from - } - - if (isX(tM)) { - to = '' - } else if (isX(tm)) { - to = '<' + (+tM + 1) + '.0.0' - } else if (isX(tp)) { - to = '<' + tM + '.' + (+tm + 1) + '.0' - } else if (tpr) { - to = '<=' + tM + '.' + tm + '.' + tp + '-' + tpr - } else { - to = '<=' + to - } - - return (from + ' ' + to).trim() -} - -// if ANY of the sets match ALL of its comparators, then pass -Range.prototype.test = function (version) { - if (!version) { - return false - } - - if (typeof version === 'string') { - version = new SemVer(version, this.options) - } - - for (var i = 0; i < this.set.length; i++) { - if (testSet(this.set[i], version, this.options)) { - return true - } - } - return false -} - -function testSet (set, version, options) { - for (var i = 0; i < set.length; i++) { - if (!set[i].test(version)) { - return false - } - } - - if (version.prerelease.length && !options.includePrerelease) { - // Find the set of versions that are allowed to have prereleases - // For example, ^1.2.3-pr.1 desugars to >=1.2.3-pr.1 <2.0.0 - // That should allow `1.2.3-pr.2` to pass. - // However, `1.2.4-alpha.notready` should NOT be allowed, - // even though it's within the range set by the comparators. - for (i = 0; i < set.length; i++) { - debug(set[i].semver) - if (set[i].semver === ANY) { - continue - } - - if (set[i].semver.prerelease.length > 0) { - var allowed = set[i].semver - if (allowed.major === version.major && - allowed.minor === version.minor && - allowed.patch === version.patch) { - return true - } - } - } - - // Version has a -pre, but it's not one of the ones we like. - return false - } - - return true -} - -exports.satisfies = satisfies -function satisfies (version, range, options) { - try { - range = new Range(range, options) - } catch (er) { - return false - } - return range.test(version) -} - -exports.maxSatisfying = maxSatisfying -function maxSatisfying (versions, range, options) { - var max = null - var maxSV = null - try { - var rangeObj = new Range(range, options) - } catch (er) { - return null - } - versions.forEach(function (v) { - if (rangeObj.test(v)) { - // satisfies(v, range, options) - if (!max || maxSV.compare(v) === -1) { - // compare(max, v, true) - max = v - maxSV = new SemVer(max, options) - } - } - }) - return max -} - -exports.minSatisfying = minSatisfying -function minSatisfying (versions, range, options) { - var min = null - var minSV = null - try { - var rangeObj = new Range(range, options) - } catch (er) { - return null - } - versions.forEach(function (v) { - if (rangeObj.test(v)) { - // satisfies(v, range, options) - if (!min || minSV.compare(v) === 1) { - // compare(min, v, true) - min = v - minSV = new SemVer(min, options) - } - } - }) - return min -} - -exports.minVersion = minVersion -function minVersion (range, loose) { - range = new Range(range, loose) - - var minver = new SemVer('0.0.0') - if (range.test(minver)) { - return minver - } - - minver = new SemVer('0.0.0-0') - if (range.test(minver)) { - return minver - } - - minver = null - for (var i = 0; i < range.set.length; ++i) { - var comparators = range.set[i] - - comparators.forEach(function (comparator) { - // Clone to avoid manipulating the comparator's semver object. - var compver = new SemVer(comparator.semver.version) - switch (comparator.operator) { - case '>': - if (compver.prerelease.length === 0) { - compver.patch++ - } else { - compver.prerelease.push(0) - } - compver.raw = compver.format() - /* fallthrough */ - case '': - case '>=': - if (!minver || gt(minver, compver)) { - minver = compver - } - break - case '<': - case '<=': - /* Ignore maximum versions */ - break - /* istanbul ignore next */ - default: - throw new Error('Unexpected operation: ' + comparator.operator) - } - }) - } - - if (minver && range.test(minver)) { - return minver - } - - return null -} - -exports.validRange = validRange -function validRange (range, options) { - try { - // Return '*' instead of '' so that truthiness works. - // This will throw if it's invalid anyway - return new Range(range, options).range || '*' - } catch (er) { - return null - } -} - -// Determine if version is less than all the versions possible in the range -exports.ltr = ltr -function ltr (version, range, options) { - return outside(version, range, '<', options) -} - -// Determine if version is greater than all the versions possible in the range. -exports.gtr = gtr -function gtr (version, range, options) { - return outside(version, range, '>', options) -} - -exports.outside = outside -function outside (version, range, hilo, options) { - version = new SemVer(version, options) - range = new Range(range, options) - - var gtfn, ltefn, ltfn, comp, ecomp - switch (hilo) { - case '>': - gtfn = gt - ltefn = lte - ltfn = lt - comp = '>' - ecomp = '>=' - break - case '<': - gtfn = lt - ltefn = gte - ltfn = gt - comp = '<' - ecomp = '<=' - break - default: - throw new TypeError('Must provide a hilo val of "<" or ">"') - } - - // If it satisifes the range it is not outside - if (satisfies(version, range, options)) { - return false - } - - // From now on, variable terms are as if we're in "gtr" mode. - // but note that everything is flipped for the "ltr" function. - - for (var i = 0; i < range.set.length; ++i) { - var comparators = range.set[i] - - var high = null - var low = null - - comparators.forEach(function (comparator) { - if (comparator.semver === ANY) { - comparator = new Comparator('>=0.0.0') - } - high = high || comparator - low = low || comparator - if (gtfn(comparator.semver, high.semver, options)) { - high = comparator - } else if (ltfn(comparator.semver, low.semver, options)) { - low = comparator - } - }) - - // If the edge version comparator has a operator then our version - // isn't outside it - if (high.operator === comp || high.operator === ecomp) { - return false - } - - // If the lowest version comparator has an operator and our version - // is less than it then it isn't higher than the range - if ((!low.operator || low.operator === comp) && - ltefn(version, low.semver)) { - return false - } else if (low.operator === ecomp && ltfn(version, low.semver)) { - return false - } - } - return true -} - -exports.prerelease = prerelease -function prerelease (version, options) { - var parsed = parse(version, options) - return (parsed && parsed.prerelease.length) ? parsed.prerelease : null -} - -exports.intersects = intersects -function intersects (r1, r2, options) { - r1 = new Range(r1, options) - r2 = new Range(r2, options) - return r1.intersects(r2) -} - -exports.coerce = coerce -function coerce (version) { - if (version instanceof SemVer) { - return version - } - - if (typeof version !== 'string') { - return null - } - - var match = version.match(re[COERCE]) - - if (match == null) { - return null - } - - return parse(match[1] + - '.' + (match[2] || '0') + - '.' + (match[3] || '0')) -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/npa.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/npa.js deleted file mode 100644 index bf2c17cfd..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/npa.js +++ /dev/null @@ -1,301 +0,0 @@ -'use strict' -module.exports = npa -module.exports.resolve = resolve -module.exports.Result = Result - -let url -let HostedGit -let semver -let path_ -function path () { - if (!path_) path_ = require('path') - return path_ -} -let validatePackageName -let osenv - -const isWindows = process.platform === 'win32' || global.FAKE_WINDOWS -const hasSlashes = isWindows ? /\\|[/]/ : /[/]/ -const isURL = /^(?:git[+])?[a-z]+:/i -const isFilename = /[.](?:tgz|tar.gz|tar)$/i - -function npa (arg, where) { - let name - let spec - if (typeof arg === 'object') { - if (arg instanceof Result && (!where || where === arg.where)) { - return arg - } else if (arg.name && arg.rawSpec) { - return npa.resolve(arg.name, arg.rawSpec, where || arg.where) - } else { - return npa(arg.raw, where || arg.where) - } - } - const nameEndsAt = arg[0] === '@' ? arg.slice(1).indexOf('@') + 1 : arg.indexOf('@') - const namePart = nameEndsAt > 0 ? arg.slice(0, nameEndsAt) : arg - if (isURL.test(arg)) { - spec = arg - } else if (namePart[0] !== '@' && (hasSlashes.test(namePart) || isFilename.test(namePart))) { - spec = arg - } else if (nameEndsAt > 0) { - name = namePart - spec = arg.slice(nameEndsAt + 1) - } else { - if (!validatePackageName) validatePackageName = require('validate-npm-package-name') - const valid = validatePackageName(arg) - if (valid.validForOldPackages) { - name = arg - } else { - spec = arg - } - } - return resolve(name, spec, where, arg) -} - -const isFilespec = isWindows ? /^(?:[.]|~[/]|[/\\]|[a-zA-Z]:)/ : /^(?:[.]|~[/]|[/]|[a-zA-Z]:)/ - -function resolve (name, spec, where, arg) { - const res = new Result({ - raw: arg, - name: name, - rawSpec: spec, - fromArgument: arg != null - }) - - if (name) res.setName(name) - - if (spec && (isFilespec.test(spec) || /^file:/i.test(spec))) { - return fromFile(res, where) - } else if (spec && /^npm:/i.test(spec)) { - return fromAlias(res, where) - } - if (!HostedGit) HostedGit = require('hosted-git-info') - const hosted = HostedGit.fromUrl(spec, {noGitPlus: true, noCommittish: true}) - if (hosted) { - return fromHostedGit(res, hosted) - } else if (spec && isURL.test(spec)) { - return fromURL(res) - } else if (spec && (hasSlashes.test(spec) || isFilename.test(spec))) { - return fromFile(res, where) - } else { - return fromRegistry(res) - } -} - -function invalidPackageName (name, valid) { - const err = new Error(`Invalid package name "${name}": ${valid.errors.join('; ')}`) - err.code = 'EINVALIDPACKAGENAME' - return err -} -function invalidTagName (name) { - const err = new Error(`Invalid tag name "${name}": Tags may not have any characters that encodeURIComponent encodes.`) - err.code = 'EINVALIDTAGNAME' - return err -} - -function Result (opts) { - this.type = opts.type - this.registry = opts.registry - this.where = opts.where - if (opts.raw == null) { - this.raw = opts.name ? opts.name + '@' + opts.rawSpec : opts.rawSpec - } else { - this.raw = opts.raw - } - this.name = undefined - this.escapedName = undefined - this.scope = undefined - this.rawSpec = opts.rawSpec == null ? '' : opts.rawSpec - this.saveSpec = opts.saveSpec - this.fetchSpec = opts.fetchSpec - if (opts.name) this.setName(opts.name) - this.gitRange = opts.gitRange - this.gitCommittish = opts.gitCommittish - this.hosted = opts.hosted -} - -Result.prototype.setName = function (name) { - if (!validatePackageName) validatePackageName = require('validate-npm-package-name') - const valid = validatePackageName(name) - if (!valid.validForOldPackages) { - throw invalidPackageName(name, valid) - } - this.name = name - this.scope = name[0] === '@' ? name.slice(0, name.indexOf('/')) : undefined - // scoped packages in couch must have slash url-encoded, e.g. @foo%2Fbar - this.escapedName = name.replace('/', '%2f') - return this -} - -Result.prototype.toString = function () { - const full = [] - if (this.name != null && this.name !== '') full.push(this.name) - const spec = this.saveSpec || this.fetchSpec || this.rawSpec - if (spec != null && spec !== '') full.push(spec) - return full.length ? full.join('@') : this.raw -} - -Result.prototype.toJSON = function () { - const result = Object.assign({}, this) - delete result.hosted - return result -} - -function setGitCommittish (res, committish) { - if (committish != null && committish.length >= 7 && committish.slice(0, 7) === 'semver:') { - res.gitRange = decodeURIComponent(committish.slice(7)) - res.gitCommittish = null - } else { - res.gitCommittish = committish === '' ? null : committish - } - return res -} - -const isAbsolutePath = /^[/]|^[A-Za-z]:/ - -function resolvePath (where, spec) { - if (isAbsolutePath.test(spec)) return spec - return path().resolve(where, spec) -} - -function isAbsolute (dir) { - if (dir[0] === '/') return true - if (/^[A-Za-z]:/.test(dir)) return true - return false -} - -function fromFile (res, where) { - if (!where) where = process.cwd() - res.type = isFilename.test(res.rawSpec) ? 'file' : 'directory' - res.where = where - - const spec = res.rawSpec.replace(/\\/g, '/') - .replace(/^file:[/]*([A-Za-z]:)/, '$1') // drive name paths on windows - .replace(/^file:(?:[/]*([~./]))?/, '$1') - if (/^~[/]/.test(spec)) { - // this is needed for windows and for file:~/foo/bar - if (!osenv) osenv = require('osenv') - res.fetchSpec = resolvePath(osenv.home(), spec.slice(2)) - res.saveSpec = 'file:' + spec - } else { - res.fetchSpec = resolvePath(where, spec) - if (isAbsolute(spec)) { - res.saveSpec = 'file:' + spec - } else { - res.saveSpec = 'file:' + path().relative(where, res.fetchSpec) - } - } - return res -} - -function fromHostedGit (res, hosted) { - res.type = 'git' - res.hosted = hosted - res.saveSpec = hosted.toString({noGitPlus: false, noCommittish: false}) - res.fetchSpec = hosted.getDefaultRepresentation() === 'shortcut' ? null : hosted.toString() - return setGitCommittish(res, hosted.committish) -} - -function unsupportedURLType (protocol, spec) { - const err = new Error(`Unsupported URL Type "${protocol}": ${spec}`) - err.code = 'EUNSUPPORTEDPROTOCOL' - return err -} - -function matchGitScp (spec) { - // git ssh specifiers are overloaded to also use scp-style git - // specifiers, so we have to parse those out and treat them special. - // They are NOT true URIs, so we can't hand them to `url.parse`. - // - // This regex looks for things that look like: - // git+ssh://git@my.custom.git.com:username/project.git#deadbeef - // - // ...and various combinations. The username in the beginning is *required*. - const matched = spec.match(/^git\+ssh:\/\/([^:#]+:[^#]+(?:\.git)?)(?:#(.*))?$/i) - return matched && !matched[1].match(/:[0-9]+\/?.*$/i) && { - fetchSpec: matched[1], - gitCommittish: matched[2] == null ? null : matched[2] - } -} - -function fromURL (res) { - if (!url) url = require('url') - const urlparse = url.parse(res.rawSpec) - res.saveSpec = res.rawSpec - // check the protocol, and then see if it's git or not - switch (urlparse.protocol) { - case 'git:': - case 'git+http:': - case 'git+https:': - case 'git+rsync:': - case 'git+ftp:': - case 'git+file:': - case 'git+ssh:': - res.type = 'git' - const match = urlparse.protocol === 'git+ssh:' && matchGitScp(res.rawSpec) - if (match) { - setGitCommittish(res, match.gitCommittish) - res.fetchSpec = match.fetchSpec - } else { - setGitCommittish(res, urlparse.hash != null ? urlparse.hash.slice(1) : '') - urlparse.protocol = urlparse.protocol.replace(/^git[+]/, '') - if (urlparse.protocol === 'file:' && /^git\+file:\/\/[a-z]:/i.test(res.rawSpec)) { - // keep the drive letter : on windows file paths - urlparse.host += ':' - urlparse.hostname += ':' - } - delete urlparse.hash - res.fetchSpec = url.format(urlparse) - } - break - case 'http:': - case 'https:': - res.type = 'remote' - res.fetchSpec = res.saveSpec - break - - default: - throw unsupportedURLType(urlparse.protocol, res.rawSpec) - } - - return res -} - -function fromAlias (res, where) { - const subSpec = npa(res.rawSpec.substr(4), where) - if (subSpec.type === 'alias') { - throw new Error('nested aliases not supported') - } - if (!subSpec.registry) { - throw new Error('aliases only work for registry deps') - } - res.subSpec = subSpec - res.registry = true - res.type = 'alias' - res.saveSpec = null - res.fetchSpec = null - return res -} - -function fromRegistry (res) { - res.registry = true - const spec = res.rawSpec === '' ? 'latest' : res.rawSpec - // no save spec for registry components as we save based on the fetched - // version, not on the argument so this can't compute that. - res.saveSpec = null - res.fetchSpec = spec - if (!semver) semver = require('semver') - const version = semver.valid(spec, true) - const range = semver.validRange(spec, true) - if (version) { - res.type = 'version' - } else if (range) { - res.type = 'range' - } else { - if (encodeURIComponent(spec) !== spec) { - throw invalidTagName(spec) - } - res.type = 'tag' - } - return res -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/package.json b/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/package.json deleted file mode 100644 index 8c743e531..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/node_modules/npm-package-arg/package.json +++ /dev/null @@ -1,73 +0,0 @@ -{ - "_from": "npm-package-arg@^6.1.0", - "_id": "npm-package-arg@6.1.1", - "_inBundle": false, - "_integrity": "sha512-qBpssaL3IOZWi5vEKUKW0cO7kzLeT+EQO9W8RsLOZf76KF9E/K9+wH0C7t06HXPpaH8WH5xF1MExLuCwbTqRUg==", - "_location": "/npm-profile/npm-registry-fetch/npm-package-arg", - "_phantomChildren": {}, - "_requested": { - "type": "range", - "registry": true, - "raw": "npm-package-arg@^6.1.0", - "name": "npm-package-arg", - "escapedName": "npm-package-arg", - "rawSpec": "^6.1.0", - "saveSpec": null, - "fetchSpec": "^6.1.0" - }, - "_requiredBy": [ - "/npm-profile/npm-registry-fetch" - ], - "_resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-6.1.1.tgz", - "_shasum": "02168cb0a49a2b75bf988a28698de7b529df5cb7", - "_spec": "npm-package-arg@^6.1.0", - "_where": "/Users/claudiahdz/npm/cli/node_modules/npm-profile/node_modules/npm-registry-fetch", - "author": { - "name": "Isaac Z. Schlueter", - "email": "i@izs.me", - "url": "http://blog.izs.me/" - }, - "bugs": { - "url": "https://github.com/npm/npm-package-arg/issues" - }, - "bundleDependencies": false, - "dependencies": { - "hosted-git-info": "^2.7.1", - "osenv": "^0.1.5", - "semver": "^5.6.0", - "validate-npm-package-name": "^3.0.0" - }, - "deprecated": false, - "description": "Parse the things that can be arguments to `npm install`", - "devDependencies": { - "standard": "^11.0.1", - "standard-version": "^4.4.0", - "tap": "^12.5.0", - "weallbehave": "^1.2.0", - "weallcontribute": "^1.0.8" - }, - "directories": { - "test": "test" - }, - "files": [ - "npa.js" - ], - "homepage": "https://github.com/npm/npm-package-arg", - "license": "ISC", - "main": "npa.js", - "name": "npm-package-arg", - "repository": { - "type": "git", - "url": "git+https://github.com/npm/npm-package-arg.git" - }, - "scripts": { - "postrelease": "npm publish && git push --follow-tags", - "prerelease": "npm t", - "pretest": "standard", - "release": "standard-version -s", - "test": "tap --100 -J --coverage test/*.js", - "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", - "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" - }, - "version": "6.1.1" -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json b/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json deleted file mode 100644 index d8e188689..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json +++ /dev/null @@ -1,93 +0,0 @@ -{ - "_from": "npm-registry-fetch@^4.0.0", - "_id": "npm-registry-fetch@4.0.2", - "_inBundle": false, - "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", - "_location": "/npm-profile/npm-registry-fetch", - "_phantomChildren": {}, - "_requested": { - "type": "range", - "registry": true, - "raw": "npm-registry-fetch@^4.0.0", - "name": "npm-registry-fetch", - "escapedName": "npm-registry-fetch", - "rawSpec": "^4.0.0", - "saveSpec": null, - "fetchSpec": "^4.0.0" - }, - "_requiredBy": [ - "/npm-profile" - ], - "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", - "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", - "_spec": "npm-registry-fetch@^4.0.0", - "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-profile", - "author": { - "name": "Kat Marchán", - "email": "kzm@sykosomatic.org" - }, - "bugs": { - "url": "https://github.com/npm/registry-fetch/issues" - }, - "bundleDependencies": false, - "config": { - "nyc": { - "exclude": [ - "node_modules/**", - "test/**" - ] - } - }, - "dependencies": { - "JSONStream": "^1.3.4", - "bluebird": "^3.5.1", - "figgy-pudding": "^3.4.1", - "lru-cache": "^5.1.1", - "make-fetch-happen": "^5.0.0", - "npm-package-arg": "^6.1.0", - "safe-buffer": "^5.2.0" - }, - "deprecated": false, - "description": "Fetch-based http client for use with npm registry APIs", - "devDependencies": { - "cacache": "^12.0.0", - "get-stream": "^4.0.0", - "mkdirp": "^0.5.1", - "nock": "^9.4.3", - "npmlog": "^4.1.2", - "rimraf": "^2.6.2", - "ssri": "^6.0.0", - "standard": "^11.0.1", - "standard-version": "^4.4.0", - "tap": "^12.0.1", - "weallbehave": "^1.2.0", - "weallcontribute": "^1.0.8" - }, - "files": [ - "*.js", - "lib" - ], - "homepage": "https://github.com/npm/registry-fetch#readme", - "keywords": [ - "npm", - "registry", - "fetch" - ], - "license": "ISC", - "main": "index.js", - "name": "npm-registry-fetch", - "repository": { - "type": "git", - "url": "git+https://github.com/npm/registry-fetch.git" - }, - "scripts": { - "postrelease": "npm publish && git push --follow-tags", - "prerelease": "npm t", - "pretest": "standard", - "release": "standard-version -s", - "test": "tap -J --coverage test/*.js", - "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", - "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" - }, - "version": "4.0.2" -} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js deleted file mode 100644 index 886c5d55b..000000000 --- a/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js +++ /dev/null @@ -1,14 +0,0 @@ -'use strict' - -const noop = Function.prototype -module.exports = { - error: noop, - warn: noop, - notice: noop, - info: noop, - verbose: noop, - silly: noop, - http: noop, - pause: noop, - resume: noop -} diff --git a/node_modules/npm-profile/node_modules/safe-buffer/LICENSE b/node_modules/npm-profile/node_modules/safe-buffer/LICENSE deleted file mode 100644 index 0c068ceec..000000000 --- a/node_modules/npm-profile/node_modules/safe-buffer/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) Feross Aboukhadijeh - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/safe-buffer/README.md b/node_modules/npm-profile/node_modules/safe-buffer/README.md deleted file mode 100644 index 356e35193..000000000 --- a/node_modules/npm-profile/node_modules/safe-buffer/README.md +++ /dev/null @@ -1,586 +0,0 @@ -# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] - -[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg -[travis-url]: https://travis-ci.org/feross/safe-buffer -[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg -[npm-url]: https://npmjs.org/package/safe-buffer -[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg -[downloads-url]: https://npmjs.org/package/safe-buffer -[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg -[standard-url]: https://standardjs.com - -#### Safer Node.js Buffer API - -**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, -`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** - -**Uses the built-in implementation when available.** - -## install - -``` -npm install safe-buffer -``` - -[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) - -## usage - -The goal of this package is to provide a safe replacement for the node.js `Buffer`. - -It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to -the top of your node.js modules: - -```js -var Buffer = require('safe-buffer').Buffer - -// Existing buffer code will continue to work without issues: - -new Buffer('hey', 'utf8') -new Buffer([1, 2, 3], 'utf8') -new Buffer(obj) -new Buffer(16) // create an uninitialized buffer (potentially unsafe) - -// But you can use these new explicit APIs to make clear what you want: - -Buffer.from('hey', 'utf8') // convert from many types to a Buffer -Buffer.alloc(16) // create a zero-filled buffer (safe) -Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) -``` - -## api - -### Class Method: Buffer.from(array) -<!-- YAML -added: v3.0.0 ---> - -* `array` {Array} - -Allocates a new `Buffer` using an `array` of octets. - -```js -const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); - // creates a new Buffer containing ASCII bytes - // ['b','u','f','f','e','r'] -``` - -A `TypeError` will be thrown if `array` is not an `Array`. - -### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) -<!-- YAML -added: v5.10.0 ---> - -* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or - a `new ArrayBuffer()` -* `byteOffset` {Number} Default: `0` -* `length` {Number} Default: `arrayBuffer.length - byteOffset` - -When passed a reference to the `.buffer` property of a `TypedArray` instance, -the newly created `Buffer` will share the same allocated memory as the -TypedArray. - -```js -const arr = new Uint16Array(2); -arr[0] = 5000; -arr[1] = 4000; - -const buf = Buffer.from(arr.buffer); // shares the memory with arr; - -console.log(buf); - // Prints: <Buffer 88 13 a0 0f> - -// changing the TypedArray changes the Buffer also -arr[1] = 6000; - -console.log(buf); - // Prints: <Buffer 88 13 70 17> -``` - -The optional `byteOffset` and `length` arguments specify a memory range within -the `arrayBuffer` that will be shared by the `Buffer`. - -```js -const ab = new ArrayBuffer(10); -const buf = Buffer.from(ab, 0, 2); -console.log(buf.length); - // Prints: 2 -``` - -A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. - -### Class Method: Buffer.from(buffer) -<!-- YAML -added: v3.0.0 ---> - -* `buffer` {Buffer} - -Copies the passed `buffer` data onto a new `Buffer` instance. - -```js -const buf1 = Buffer.from('buffer'); -const buf2 = Buffer.from(buf1); - -buf1[0] = 0x61; -console.log(buf1.toString()); - // 'auffer' -console.log(buf2.toString()); - // 'buffer' (copy is not changed) -``` - -A `TypeError` will be thrown if `buffer` is not a `Buffer`. - -### Class Method: Buffer.from(str[, encoding]) -<!-- YAML -added: v5.10.0 ---> - -* `str` {String} String to encode. -* `encoding` {String} Encoding to use, Default: `'utf8'` - -Creates a new `Buffer` containing the given JavaScript string `str`. If -provided, the `encoding` parameter identifies the character encoding. -If not provided, `encoding` defaults to `'utf8'`. - -```js -const buf1 = Buffer.from('this is a tést'); -console.log(buf1.toString()); - // prints: this is a tést -console.log(buf1.toString('ascii')); - // prints: this is a tC)st - -const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); -console.log(buf2.toString()); - // prints: this is a tést -``` - -A `TypeError` will be thrown if `str` is not a string. - -### Class Method: Buffer.alloc(size[, fill[, encoding]]) -<!-- YAML -added: v5.10.0 ---> - -* `size` {Number} -* `fill` {Value} Default: `undefined` -* `encoding` {String} Default: `utf8` - -Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the -`Buffer` will be *zero-filled*. - -```js -const buf = Buffer.alloc(5); -console.log(buf); - // <Buffer 00 00 00 00 00> -``` - -The `size` must be less than or equal to the value of -`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is -`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will -be created if a `size` less than or equal to 0 is specified. - -If `fill` is specified, the allocated `Buffer` will be initialized by calling -`buf.fill(fill)`. See [`buf.fill()`][] for more information. - -```js -const buf = Buffer.alloc(5, 'a'); -console.log(buf); - // <Buffer 61 61 61 61 61> -``` - -If both `fill` and `encoding` are specified, the allocated `Buffer` will be -initialized by calling `buf.fill(fill, encoding)`. For example: - -```js -const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); -console.log(buf); - // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> -``` - -Calling `Buffer.alloc(size)` can be significantly slower than the alternative -`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance -contents will *never contain sensitive data*. - -A `TypeError` will be thrown if `size` is not a number. - -### Class Method: Buffer.allocUnsafe(size) -<!-- YAML -added: v5.10.0 ---> - -* `size` {Number} - -Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must -be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit -architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is -thrown. A zero-length Buffer will be created if a `size` less than or equal to -0 is specified. - -The underlying memory for `Buffer` instances created in this way is *not -initialized*. The contents of the newly created `Buffer` are unknown and -*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such -`Buffer` instances to zeroes. - -```js -const buf = Buffer.allocUnsafe(5); -console.log(buf); - // <Buffer 78 e0 82 02 01> - // (octets will be different, every time) -buf.fill(0); -console.log(buf); - // <Buffer 00 00 00 00 00> -``` - -A `TypeError` will be thrown if `size` is not a number. - -Note that the `Buffer` module pre-allocates an internal `Buffer` instance of -size `Buffer.poolSize` that is used as a pool for the fast allocation of new -`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated -`new Buffer(size)` constructor) only when `size` is less than or equal to -`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default -value of `Buffer.poolSize` is `8192` but can be modified. - -Use of this pre-allocated internal memory pool is a key difference between -calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. -Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer -pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal -Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The -difference is subtle but can be important when an application requires the -additional performance that `Buffer.allocUnsafe(size)` provides. - -### Class Method: Buffer.allocUnsafeSlow(size) -<!-- YAML -added: v5.10.0 ---> - -* `size` {Number} - -Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The -`size` must be less than or equal to the value of -`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is -`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will -be created if a `size` less than or equal to 0 is specified. - -The underlying memory for `Buffer` instances created in this way is *not -initialized*. The contents of the newly created `Buffer` are unknown and -*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such -`Buffer` instances to zeroes. - -When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, -allocations under 4KB are, by default, sliced from a single pre-allocated -`Buffer`. This allows applications to avoid the garbage collection overhead of -creating many individually allocated Buffers. This approach improves both -performance and memory usage by eliminating the need to track and cleanup as -many `Persistent` objects. - -However, in the case where a developer may need to retain a small chunk of -memory from a pool for an indeterminate amount of time, it may be appropriate -to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then -copy out the relevant bits. - -```js -// need to keep around a few small chunks of memory -const store = []; - -socket.on('readable', () => { - const data = socket.read(); - // allocate for retained data - const sb = Buffer.allocUnsafeSlow(10); - // copy the data into the new allocation - data.copy(sb, 0, 0, 10); - store.push(sb); -}); -``` - -Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* -a developer has observed undue memory retention in their applications. - -A `TypeError` will be thrown if `size` is not a number. - -### All the Rest - -The rest of the `Buffer` API is exactly the same as in node.js. -[See the docs](https://nodejs.org/api/buffer.html). - - -## Related links - -- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) -- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) - -## Why is `Buffer` unsafe? - -Today, the node.js `Buffer` constructor is overloaded to handle many different argument -types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), -`ArrayBuffer`, and also `Number`. - -The API is optimized for convenience: you can throw any type at it, and it will try to do -what you want. - -Because the Buffer constructor is so powerful, you often see code like this: - -```js -// Convert UTF-8 strings to hex -function toHex (str) { - return new Buffer(str).toString('hex') -} -``` - -***But what happens if `toHex` is called with a `Number` argument?*** - -### Remote Memory Disclosure - -If an attacker can make your program call the `Buffer` constructor with a `Number` -argument, then they can make it allocate uninitialized memory from the node.js process. -This could potentially disclose TLS private keys, user data, or database passwords. - -When the `Buffer` constructor is passed a `Number` argument, it returns an -**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like -this, you **MUST** overwrite the contents before returning it to the user. - -From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): - -> `new Buffer(size)` -> -> - `size` Number -> -> The underlying memory for `Buffer` instances created in this way is not initialized. -> **The contents of a newly created `Buffer` are unknown and could contain sensitive -> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. - -(Emphasis our own.) - -Whenever the programmer intended to create an uninitialized `Buffer` you often see code -like this: - -```js -var buf = new Buffer(16) - -// Immediately overwrite the uninitialized buffer with data from another buffer -for (var i = 0; i < buf.length; i++) { - buf[i] = otherBuf[i] -} -``` - - -### Would this ever be a problem in real code? - -Yes. It's surprisingly common to forget to check the type of your variables in a -dynamically-typed language like JavaScript. - -Usually the consequences of assuming the wrong type is that your program crashes with an -uncaught exception. But the failure mode for forgetting to check the type of arguments to -the `Buffer` constructor is more catastrophic. - -Here's an example of a vulnerable service that takes a JSON payload and converts it to -hex: - -```js -// Take a JSON payload {str: "some string"} and convert it to hex -var server = http.createServer(function (req, res) { - var data = '' - req.setEncoding('utf8') - req.on('data', function (chunk) { - data += chunk - }) - req.on('end', function () { - var body = JSON.parse(data) - res.end(new Buffer(body.str).toString('hex')) - }) -}) - -server.listen(8080) -``` - -In this example, an http client just has to send: - -```json -{ - "str": 1000 -} -``` - -and it will get back 1,000 bytes of uninitialized memory from the server. - -This is a very serious bug. It's similar in severity to the -[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process -memory by remote attackers. - - -### Which real-world packages were vulnerable? - -#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) - -[Mathias Buus](https://github.com/mafintosh) and I -([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, -[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow -anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get -them to reveal 20 bytes at a time of uninitialized memory from the node.js process. - -Here's -[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) -that fixed it. We released a new fixed version, created a -[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all -vulnerable versions on npm so users will get a warning to upgrade to a newer version. - -#### [`ws`](https://www.npmjs.com/package/ws) - -That got us wondering if there were other vulnerable packages. Sure enough, within a short -period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the -most popular WebSocket implementation in node.js. - -If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as -expected, then uninitialized server memory would be disclosed to the remote peer. - -These were the vulnerable methods: - -```js -socket.send(number) -socket.ping(number) -socket.pong(number) -``` - -Here's a vulnerable socket server with some echo functionality: - -```js -server.on('connection', function (socket) { - socket.on('message', function (message) { - message = JSON.parse(message) - if (message.type === 'echo') { - socket.send(message.data) // send back the user's message - } - }) -}) -``` - -`socket.send(number)` called on the server, will disclose server memory. - -Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue -was fixed, with a more detailed explanation. Props to -[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the -[Node Security Project disclosure](https://nodesecurity.io/advisories/67). - - -### What's the solution? - -It's important that node.js offers a fast way to get memory otherwise performance-critical -applications would needlessly get a lot slower. - -But we need a better way to *signal our intent* as programmers. **When we want -uninitialized memory, we should request it explicitly.** - -Sensitive functionality should not be packed into a developer-friendly API that loosely -accepts many different types. This type of API encourages the lazy practice of passing -variables in without checking the type very carefully. - -#### A new API: `Buffer.allocUnsafe(number)` - -The functionality of creating buffers with uninitialized memory should be part of another -API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that -frequently gets user input of all sorts of different types passed into it. - -```js -var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! - -// Immediately overwrite the uninitialized buffer with data from another buffer -for (var i = 0; i < buf.length; i++) { - buf[i] = otherBuf[i] -} -``` - - -### How do we fix node.js core? - -We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as -`semver-major`) which defends against one case: - -```js -var str = 16 -new Buffer(str, 'utf8') -``` - -In this situation, it's implied that the programmer intended the first argument to be a -string, since they passed an encoding as a second argument. Today, node.js will allocate -uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not -what the programmer intended. - -But this is only a partial solution, since if the programmer does `new Buffer(variable)` -(without an `encoding` parameter) there's no way to know what they intended. If `variable` -is sometimes a number, then uninitialized memory will sometimes be returned. - -### What's the real long-term fix? - -We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when -we need uninitialized memory. But that would break 1000s of packages. - -~~We believe the best solution is to:~~ - -~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ - -~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ - -#### Update - -We now support adding three new APIs: - -- `Buffer.from(value)` - convert from any type to a buffer -- `Buffer.alloc(size)` - create a zero-filled buffer -- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size - -This solves the core problem that affected `ws` and `bittorrent-dht` which is -`Buffer(variable)` getting tricked into taking a number argument. - -This way, existing code continues working and the impact on the npm ecosystem will be -minimal. Over time, npm maintainers can migrate performance-critical code to use -`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. - - -### Conclusion - -We think there's a serious design issue with the `Buffer` API as it exists today. It -promotes insecure software by putting high-risk functionality into a convenient API -with friendly "developer ergonomics". - -This wasn't merely a theoretical exercise because we found the issue in some of the -most popular npm packages. - -Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of -`buffer`. - -```js -var Buffer = require('safe-buffer').Buffer -``` - -Eventually, we hope that node.js core can switch to this new, safer behavior. We believe -the impact on the ecosystem would be minimal since it's not a breaking change. -Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while -older, insecure packages would magically become safe from this attack vector. - - -## links - -- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) -- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) -- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) - - -## credit - -The original issues in `bittorrent-dht` -([disclosure](https://nodesecurity.io/advisories/68)) and -`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by -[Mathias Buus](https://github.com/mafintosh) and -[Feross Aboukhadijeh](http://feross.org/). - -Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues -and for his work running the [Node Security Project](https://nodesecurity.io/). - -Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and -auditing the code. - - -## license - -MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/npm-profile/node_modules/safe-buffer/index.d.ts b/node_modules/npm-profile/node_modules/safe-buffer/index.d.ts deleted file mode 100644 index e9fed809a..000000000 --- a/node_modules/npm-profile/node_modules/safe-buffer/index.d.ts +++ /dev/null @@ -1,187 +0,0 @@ -declare module "safe-buffer" { - export class Buffer { - length: number - write(string: string, offset?: number, length?: number, encoding?: string): number; - toString(encoding?: string, start?: number, end?: number): string; - toJSON(): { type: 'Buffer', data: any[] }; - equals(otherBuffer: Buffer): boolean; - compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; - copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; - slice(start?: number, end?: number): Buffer; - writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; - writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; - writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; - writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; - readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; - readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; - readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; - readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; - readUInt8(offset: number, noAssert?: boolean): number; - readUInt16LE(offset: number, noAssert?: boolean): number; - readUInt16BE(offset: number, noAssert?: boolean): number; - readUInt32LE(offset: number, noAssert?: boolean): number; - readUInt32BE(offset: number, noAssert?: boolean): number; - readInt8(offset: number, noAssert?: boolean): number; - readInt16LE(offset: number, noAssert?: boolean): number; - readInt16BE(offset: number, noAssert?: boolean): number; - readInt32LE(offset: number, noAssert?: boolean): number; - readInt32BE(offset: number, noAssert?: boolean): number; - readFloatLE(offset: number, noAssert?: boolean): number; - readFloatBE(offset: number, noAssert?: boolean): number; - readDoubleLE(offset: number, noAssert?: boolean): number; - readDoubleBE(offset: number, noAssert?: boolean): number; - swap16(): Buffer; - swap32(): Buffer; - swap64(): Buffer; - writeUInt8(value: number, offset: number, noAssert?: boolean): number; - writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; - writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; - writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; - writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; - writeInt8(value: number, offset: number, noAssert?: boolean): number; - writeInt16LE(value: number, offset: number, noAssert?: boolean): number; - writeInt16BE(value: number, offset: number, noAssert?: boolean): number; - writeInt32LE(value: number, offset: number, noAssert?: boolean): number; - writeInt32BE(value: number, offset: number, noAssert?: boolean): number; - writeFloatLE(value: number, offset: number, noAssert?: boolean): number; - writeFloatBE(value: number, offset: number, noAssert?: boolean): number; - writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; - writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; - fill(value: any, offset?: number, end?: number): this; - indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; - lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; - includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; - - /** - * Allocates a new buffer containing the given {str}. - * - * @param str String to store in buffer. - * @param encoding encoding to use, optional. Default is 'utf8' - */ - constructor (str: string, encoding?: string); - /** - * Allocates a new buffer of {size} octets. - * - * @param size count of octets to allocate. - */ - constructor (size: number); - /** - * Allocates a new buffer containing the given {array} of octets. - * - * @param array The octets to store. - */ - constructor (array: Uint8Array); - /** - * Produces a Buffer backed by the same allocated memory as - * the given {ArrayBuffer}. - * - * - * @param arrayBuffer The ArrayBuffer with which to share memory. - */ - constructor (arrayBuffer: ArrayBuffer); - /** - * Allocates a new buffer containing the given {array} of octets. - * - * @param array The octets to store. - */ - constructor (array: any[]); - /** - * Copies the passed {buffer} data onto a new {Buffer} instance. - * - * @param buffer The buffer to copy. - */ - constructor (buffer: Buffer); - prototype: Buffer; - /** - * Allocates a new Buffer using an {array} of octets. - * - * @param array - */ - static from(array: any[]): Buffer; - /** - * When passed a reference to the .buffer property of a TypedArray instance, - * the newly created Buffer will share the same allocated memory as the TypedArray. - * The optional {byteOffset} and {length} arguments specify a memory range - * within the {arrayBuffer} that will be shared by the Buffer. - * - * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() - * @param byteOffset - * @param length - */ - static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; - /** - * Copies the passed {buffer} data onto a new Buffer instance. - * - * @param buffer - */ - static from(buffer: Buffer): Buffer; - /** - * Creates a new Buffer containing the given JavaScript string {str}. - * If provided, the {encoding} parameter identifies the character encoding. - * If not provided, {encoding} defaults to 'utf8'. - * - * @param str - */ - static from(str: string, encoding?: string): Buffer; - /** - * Returns true if {obj} is a Buffer - * - * @param obj object to test. - */ - static isBuffer(obj: any): obj is Buffer; - /** - * Returns true if {encoding} is a valid encoding argument. - * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' - * - * @param encoding string to test. - */ - static isEncoding(encoding: string): boolean; - /** - * Gives the actual byte length of a string. encoding defaults to 'utf8'. - * This is not the same as String.prototype.length since that returns the number of characters in a string. - * - * @param string string to test. - * @param encoding encoding used to evaluate (defaults to 'utf8') - */ - static byteLength(string: string, encoding?: string): number; - /** - * Returns a buffer which is the result of concatenating all the buffers in the list together. - * - * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. - * If the list has exactly one item, then the first item of the list is returned. - * If the list has more than one item, then a new Buffer is created. - * - * @param list An array of Buffer objects to concatenate - * @param totalLength Total length of the buffers when concatenated. - * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. - */ - static concat(list: Buffer[], totalLength?: number): Buffer; - /** - * The same as buf1.compare(buf2). - */ - static compare(buf1: Buffer, buf2: Buffer): number; - /** - * Allocates a new buffer of {size} octets. - * - * @param size count of octets to allocate. - * @param fill if specified, buffer will be initialized by calling buf.fill(fill). - * If parameter is omitted, buffer will be filled with zeros. - * @param encoding encoding used for call to buf.fill while initalizing - */ - static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; - /** - * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents - * of the newly created Buffer are unknown and may contain sensitive data. - * - * @param size count of octets to allocate - */ - static allocUnsafe(size: number): Buffer; - /** - * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents - * of the newly created Buffer are unknown and may contain sensitive data. - * - * @param size count of octets to allocate - */ - static allocUnsafeSlow(size: number): Buffer; - } -}
\ No newline at end of file diff --git a/node_modules/npm-profile/node_modules/safe-buffer/index.js b/node_modules/npm-profile/node_modules/safe-buffer/index.js deleted file mode 100644 index 054c8d30d..000000000 --- a/node_modules/npm-profile/node_modules/safe-buffer/index.js +++ /dev/null @@ -1,64 +0,0 @@ -/* eslint-disable node/no-deprecated-api */ -var buffer = require('buffer') -var Buffer = buffer.Buffer - -// alternative to using Object.keys for old browsers -function copyProps (src, dst) { - for (var key in src) { - dst[key] = src[key] - } -} -if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { - module.exports = buffer -} else { - // Copy properties from require('buffer') - copyProps(buffer, exports) - exports.Buffer = SafeBuffer -} - -function SafeBuffer (arg, encodingOrOffset, length) { - return Buffer(arg, encodingOrOffset, length) -} - -SafeBuffer.prototype = Object.create(Buffer.prototype) - -// Copy static methods from Buffer -copyProps(Buffer, SafeBuffer) - -SafeBuffer.from = function (arg, encodingOrOffset, length) { - if (typeof arg === 'number') { - throw new TypeError('Argument must not be a number') - } - return Buffer(arg, encodingOrOffset, length) -} - -SafeBuffer.alloc = function (size, fill, encoding) { - if (typeof size !== 'number') { - throw new TypeError('Argument must be a number') - } - var buf = Buffer(size) - if (fill !== undefined) { - if (typeof encoding === 'string') { - buf.fill(fill, encoding) - } else { - buf.fill(fill) - } - } else { - buf.fill(0) - } - return buf -} - -SafeBuffer.allocUnsafe = function (size) { - if (typeof size !== 'number') { - throw new TypeError('Argument must be a number') - } - return Buffer(size) -} - -SafeBuffer.allocUnsafeSlow = function (size) { - if (typeof size !== 'number') { - throw new TypeError('Argument must be a number') - } - return buffer.SlowBuffer(size) -} diff --git a/node_modules/npm-profile/node_modules/safe-buffer/package.json b/node_modules/npm-profile/node_modules/safe-buffer/package.json deleted file mode 100644 index 203338aa5..000000000 --- a/node_modules/npm-profile/node_modules/safe-buffer/package.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "_from": "safe-buffer@^5.2.0", - "_id": "safe-buffer@5.2.0", - "_inBundle": false, - "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", - "_location": "/npm-profile/safe-buffer", - "_phantomChildren": {}, - "_requested": { - "type": "range", - "registry": true, - "raw": "safe-buffer@^5.2.0", - "name": "safe-buffer", - "escapedName": "safe-buffer", - "rawSpec": "^5.2.0", - "saveSpec": null, - "fetchSpec": "^5.2.0" - }, - "_requiredBy": [ - "/npm-profile/npm-registry-fetch" - ], - "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", - "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", - "_spec": "safe-buffer@^5.2.0", - "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-profile/node_modules/npm-registry-fetch", - "author": { - "name": "Feross Aboukhadijeh", - "email": "feross@feross.org", - "url": "http://feross.org" - }, - "bugs": { - "url": "https://github.com/feross/safe-buffer/issues" - }, - "bundleDependencies": false, - "deprecated": false, - "description": "Safer Node.js Buffer API", - "devDependencies": { - "standard": "*", - "tape": "^4.0.0" - }, - "homepage": "https://github.com/feross/safe-buffer", - "keywords": [ - "buffer", - "buffer allocate", - "node security", - "safe", - "safe-buffer", - "security", - "uninitialized" - ], - "license": "MIT", - "main": "index.js", - "name": "safe-buffer", - "repository": { - "type": "git", - "url": "git://github.com/feross/safe-buffer.git" - }, - "scripts": { - "test": "standard && tape test/*.js" - }, - "types": "index.d.ts", - "version": "5.2.0" -} diff --git a/node_modules/npm-profile/package.json b/node_modules/npm-profile/package.json index 2f252aac8..e83c1206a 100644 --- a/node_modules/npm-profile/package.json +++ b/node_modules/npm-profile/package.json @@ -1,27 +1,27 @@ { - "_from": "npm-profile@4.0.2", - "_id": "npm-profile@4.0.2", + "_from": "npm-profile@latest", + "_id": "npm-profile@5.0.1", "_inBundle": false, - "_integrity": "sha512-VRsC04pvRH+9cF+PoVh2nTmJjiG21yu59IHpsBpkxk+jaGAV8lxx96G4SDc0jOHAkfWLXbc6kIph3dGAuRnotQ==", + "_integrity": "sha512-WAkCI5yEyC7738SVX9OqSUhsDoQYEm3RsE09we8KHeaWRaEZEli80CyQl8U/J3x6QCmr7vOFur3r4BNSJgQV/g==", "_location": "/npm-profile", "_phantomChildren": {}, "_requested": { - "type": "version", + "type": "tag", "registry": true, - "raw": "npm-profile@4.0.2", + "raw": "npm-profile@latest", "name": "npm-profile", "escapedName": "npm-profile", - "rawSpec": "4.0.2", + "rawSpec": "latest", "saveSpec": null, - "fetchSpec": "4.0.2" + "fetchSpec": "latest" }, "_requiredBy": [ "#USER", "/" ], - "_resolved": "https://registry.npmjs.org/npm-profile/-/npm-profile-4.0.2.tgz", - "_shasum": "8272a71c19634d0dce9c35a5daf8ee589cbb0f52", - "_spec": "npm-profile@4.0.2", + "_resolved": "https://registry.npmjs.org/npm-profile/-/npm-profile-5.0.1.tgz", + "_shasum": "379def82656ef3f4e3c11d62a190233fc90c6401", + "_spec": "npm-profile@latest", "_where": "/Users/isaacs/dev/npm/cli", "author": { "name": "Rebecca Turner", @@ -33,17 +33,23 @@ }, "bundleDependencies": false, "dependencies": { - "aproba": "^1.1.2 || 2", - "figgy-pudding": "^3.4.1", - "npm-registry-fetch": "^4.0.0" + "npm-registry-fetch": "^8.0.0" }, "deprecated": false, "description": "Library for updating an npmjs.com profile", + "devDependencies": { + "nock": "^12.0.1", + "require-inject": "^1.4.4", + "standard": "^14.3.1", + "tap": "^14.10.6" + }, + "engines": { + "node": ">=10" + }, "files": [ - "CHANGELOG.md", "index.js" ], - "homepage": "https://github.com/npm/npm-profile/tree/latest/lib#readme", + "homepage": "https://github.com/npm/npm-profile#readme", "keywords": [], "license": "ISC", "main": "index.js", @@ -52,5 +58,16 @@ "type": "git", "url": "git+https://github.com/npm/npm-profile.git" }, - "version": "4.0.2" + "scripts": { + "posttest": "standard index.js", + "postversion": "npm publish", + "prepublishOnly": "git push origin --follow-tags", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "5.0.1" } |