diff options
| author | isaacs <i@izs.me> | 2020-12-18 23:21:17 +0300 |
|---|---|---|
| committer | isaacs <i@izs.me> | 2020-12-18 23:21:17 +0300 |
| commit | 4fc2f3e05b600aa64fe5eb6b8b77bc070e5a9403 (patch) | |
| tree | 78ee1764f49439a4dbde3d2bc667f76a08e15e88 /node_modules | |
| parent | bc1c567ed3d853ed4f01d33a800eb453956de6ef (diff) | |
@npmcli/config@1.2.8
* Support setting email without username/password
Fixes: #2300
Diffstat (limited to 'node_modules')
| -rw-r--r-- | node_modules/@npmcli/config/lib/index.js | 30 | ||||
| -rw-r--r-- | node_modules/@npmcli/config/package.json | 2 |
2 files changed, 22 insertions, 10 deletions
diff --git a/node_modules/@npmcli/config/lib/index.js b/node_modules/@npmcli/config/lib/index.js index a80b976a0..e7fac96c1 100644 --- a/node_modules/@npmcli/config/lib/index.js +++ b/node_modules/@npmcli/config/lib/index.js @@ -178,6 +178,11 @@ class Config { throw new Error('call config.load() before setting values') if (!confTypes.has(where)) throw new Error('invalid config location param: ' + where) + if (key === '_auth') { + const { email } = this.getCredentialsByURI(this.get('registry')) + if (!email) + throw new Error('Cannot set _auth without first setting email') + } this.data.get(where).data[key] = val // this is now dirty, the next call to this.valid will have to check it @@ -512,6 +517,9 @@ class Config { if (where === 'user') { const reg = this.get('registry') const creds = this.getCredentialsByURI(reg) + // we ignore this error because the failed set already removed + // anything that might be a security hazard, and it won't be + // saved back to the .npmrc file, so we're good. try { this.setCredentialsByURI(reg, creds) } catch (_) {} } @@ -576,18 +584,22 @@ class Config { this.delete(`${nerfed}:email`, 'user') this.delete(`${nerfed}:always-auth`, 'user') } else if (username || password || email) { - if (!username) - throw new Error('must include username') - if (!password) - throw new Error('must include password') + if (username || password) { + if (!username) + throw new Error('must include username') + if (!password) + throw new Error('must include password') + } if (!email) throw new Error('must include email') this.delete(`${nerfed}:_authToken`, 'user') - this.set(`${nerfed}:username`, username, 'user') - // note: not encrypted, no idea why we bothered to do this, but oh well - // protects against shoulder-hacks if password is memorable, I guess? - const encoded = Buffer.from(password, 'utf8').toString('base64') - this.set(`${nerfed}:_password`, encoded, 'user') + if (username || password) { + this.set(`${nerfed}:username`, username, 'user') + // note: not encrypted, no idea why we bothered to do this, but oh well + // protects against shoulder-hacks if password is memorable, I guess? + const encoded = Buffer.from(password, 'utf8').toString('base64') + this.set(`${nerfed}:_password`, encoded, 'user') + } this.set(`${nerfed}:email`, email, 'user') if (alwaysAuth !== undefined) this.set(`${nerfed}:always-auth`, alwaysAuth, 'user') diff --git a/node_modules/@npmcli/config/package.json b/node_modules/@npmcli/config/package.json index 26581f385..a7050c73a 100644 --- a/node_modules/@npmcli/config/package.json +++ b/node_modules/@npmcli/config/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/config", - "version": "1.2.7", + "version": "1.2.8", "files": [ "lib" ], |